GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
324 advisories
Filter by severity
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting...
Moderate
Unreviewed
CVE-2023-4421
was published
Dec 12, 2023
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation...
Moderate
Unreviewed
CVE-2023-40090
was published
Dec 5, 2023
Marvin Attack: potential key recovery through timing sidechannels
Moderate
CVE-2023-49092
was published
for
rsa
(Rust)
Nov 28, 2023
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message...
Moderate
Unreviewed
CVE-2023-47102
was published
Nov 13, 2023
In Media Projection, there is a possible way to determine whether an app is installed, without...
Moderate
Unreviewed
CVE-2023-21350
was published
Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,...
Moderate
Unreviewed
CVE-2023-21354
was published
Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21336
was published
Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21333
was published
Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21338
was published
Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21332
was published
Oct 30, 2023
In Job Scheduler, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21344
was published
Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21335
was published
Oct 30, 2023
In PackageManagerNative, there is a possible way to determine whether an app is installed,...
Moderate
Unreviewed
CVE-2023-21293
was published
Oct 30, 2023
In Content, here is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21303
was published
Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without...
Moderate
Unreviewed
CVE-2023-21299
was published
Oct 30, 2023
In PackageManager, there is a possible way to determine whether an app is installed, without...
Moderate
Unreviewed
CVE-2023-21300
was published
Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,...
Moderate
Unreviewed
CVE-2023-21326
was published
Oct 30, 2023
In Permission Manager, there is a possible way to determine whether an app is installed, without...
Moderate
Unreviewed
CVE-2023-21327
was published
Oct 30, 2023
In Device Policy, there is a possible way to verify if a particular admin app is registered on...
Moderate
Unreviewed
CVE-2023-21320
was published
Oct 30, 2023
In Content Service, there is a possible way to determine whether an app is installed, without...
Moderate
Unreviewed
CVE-2023-21304
was published
Oct 30, 2023
In Content, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21318
was published
Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21325
was published
Oct 30, 2023
In Permission, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2023-21296
was published
Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without...
Moderate
Unreviewed
CVE-2023-21302
was published
Oct 30, 2023
In ContentService, there is a possible way to read installed sync content providers due to side...
Moderate
Unreviewed
CVE-2023-21306
was published
Oct 30, 2023
ProTip!
Advisories are also available from the
GraphQL API