Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

60 advisories

Loading
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other... Low Unreviewed
CVE-2012-4453 was published May 13, 2022
In various methods of NotificationManagerService.java, there is a possible way to view... Low Unreviewed
CVE-2022-20359 was published Aug 11, 2022
In bluetooth, there is a possible way to enable or disable bluetooth connection without user... Low Unreviewed
CVE-2022-20267 was published Aug 13, 2022
In LocationManager, there is a possible way to get location information due to a missing... Low Unreviewed
CVE-2022-20261 was published Aug 13, 2022
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may... Low Unreviewed
CVE-2017-5686 was published May 13, 2022
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may... Low Unreviewed
CVE-2017-5685 was published May 13, 2022
The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version... Low Unreviewed
CVE-2017-5684 was published May 13, 2022
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected... Low Unreviewed
CVE-2022-20358 was published Aug 11, 2022
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
In PackageManager, there is a possible way to determine whether an app is installed due to a... Low Unreviewed
CVE-2022-20328 was published Aug 13, 2022
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a... Low Unreviewed
CVE-2022-20327 was published Aug 13, 2022
Trusty TLK contains a vulnerability in its access permission settings where it does not properly... Low Unreviewed
CVE-2021-34395 was published May 24, 2022
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP... Low Unreviewed
CVE-2021-25359 was published May 24, 2022
In SELinux policies of mls, there is a missing permission check. This could lead to local... Low Unreviewed
CVE-2020-27056 was published May 24, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2019-8777 was published May 24, 2022
In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission... Low Unreviewed
CVE-2020-27057 was published May 24, 2022
In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of... Low Unreviewed
CVE-2020-0459 was published May 24, 2022
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After... Low Unreviewed
CVE-2020-11867 was published May 24, 2022
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check.... Low Unreviewed
CVE-2020-0412 was published May 24, 2022
SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem... Low Unreviewed
CVE-2020-26807 was published May 24, 2022
In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to... Low Unreviewed
CVE-2020-0107 was published May 24, 2022
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a... Low Unreviewed
CVE-2020-0135 was published May 24, 2022
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a... Low Unreviewed
CVE-2020-6480 was published May 24, 2022
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic... Low Unreviewed
CVE-2020-0121 was published May 24, 2022
Improper permission or value checking in the CLI console may allow a non-privileged user to... Low Unreviewed
CVE-2019-5593 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database