Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,783
Erlang
36
GitHub Actions
29
Go
2,353
Maven
5,000+
npm
3,977
NuGet
720
pip
3,774
Pub
12
RubyGems
923
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

141 advisories

Loading
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to... High Unreviewed
CVE-2022-31262 was published Aug 18, 2022
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes... High Unreviewed
CVE-2022-22472 was published Jul 1, 2022
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed
CVE-2022-29594 was published Jun 3, 2022
Improper Preservation of Permissions in Apache Struts High
CVE-2019-0233 was published for org.apache.struts:struts2-core (Maven) May 24, 2022
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed
CVE-2021-39622 was published Jan 15, 2022
Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain... High Unreviewed
CVE-2022-24428 was published Apr 9, 2022
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux... High Unreviewed
CVE-2021-3847 was published Apr 3, 2022
In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP... High Unreviewed
CVE-2021-0999 was published Dec 16, 2021
In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a... High Unreviewed
CVE-2021-0985 was published Dec 16, 2021
In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an... High Unreviewed
CVE-2021-1004 was published Dec 16, 2021
In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without... High Unreviewed
CVE-2021-0965 was published Dec 16, 2021
In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external... High Unreviewed
CVE-2021-39697 was published Mar 17, 2022
In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic... High Unreviewed
CVE-2021-39695 was published Mar 17, 2022
In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to... High Unreviewed
CVE-2021-39704 was published Mar 17, 2022
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure... High Unreviewed
CVE-2022-24618 was published Mar 11, 2022
lakeFS vulnerable to authenticated users deleting files they are not authorized to delete High
GHSA-28q9-9c3g-v3f9 was published for github.com/treeverse/lakefs (Go) Sep 23, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database