Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

324 advisories

Loading
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting... Moderate Unreviewed
CVE-2023-4421 was published Dec 12, 2023
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation... Moderate Unreviewed
CVE-2023-40090 was published Dec 5, 2023
Marvin Attack: potential key recovery through timing sidechannels Moderate
CVE-2023-49092 was published for rsa (Rust) Nov 28, 2023
tomato42 lukas-braune
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message... Moderate Unreviewed
CVE-2023-47102 was published Nov 13, 2023
In Media Projection, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21350 was published Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21354 was published Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21336 was published Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21333 was published Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21338 was published Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21332 was published Oct 30, 2023
In Job Scheduler, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21344 was published Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21335 was published Oct 30, 2023
In PackageManagerNative, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21293 was published Oct 30, 2023
In Content, here is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21303 was published Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21299 was published Oct 30, 2023
In PackageManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21300 was published Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21326 was published Oct 30, 2023
In Permission Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21327 was published Oct 30, 2023
In Device Policy, there is a possible way to verify if a particular admin app is registered on... Moderate Unreviewed
CVE-2023-21320 was published Oct 30, 2023
In Content Service, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21304 was published Oct 30, 2023
In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21318 was published Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21325 was published Oct 30, 2023
In Permission, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21296 was published Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21302 was published Oct 30, 2023
In ContentService, there is a possible way to read installed sync content providers due to side... Moderate Unreviewed
CVE-2023-21306 was published Oct 30, 2023
ProTip! Advisories are also available from the GraphQL API