Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is... Low Unreviewed
CVE-2021-28626 was published May 24, 2022
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1)... Low Unreviewed
CVE-2021-25343 was published May 24, 2022
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions... Low Unreviewed
CVE-2021-25342 was published May 24, 2022
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized... Low Unreviewed
CVE-2021-25341 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper... Low Unreviewed
CVE-2020-9251 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication... Low Unreviewed
CVE-2019-18246 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple... Low Unreviewed
CVE-2019-18252 was published May 24, 2022
An issue was discovered on Samsung mobile devices with Q(10.0) software. The Lockscreen feature... Low Unreviewed
CVE-2020-13837 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The DeX... Low Unreviewed
CVE-2020-13838 was published May 24, 2022
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for... Low Unreviewed
CVE-2020-0943 was published May 24, 2022
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow... Low Unreviewed
CVE-2020-10570 was published May 24, 2022
Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D(C735E152R3P3),versions... Low Unreviewed
CVE-2020-1878 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3.... Low Unreviewed
CVE-2019-5108 was published May 24, 2022
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services... Low Unreviewed
CVE-2011-1758 was published May 17, 2022
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit,... Low Unreviewed
CVE-2011-2176 was published May 17, 2022
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with... Low Unreviewed
CVE-2012-0717 was published May 17, 2022
Disk Management in Apple Mac OS X before 10.8.4 does not properly authenticate attempts to... Low Unreviewed
CVE-2013-0985 was published May 17, 2022
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank... Low Unreviewed
CVE-2013-2310 was published May 17, 2022
The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not use CAVE authentication,... Low Unreviewed
CVE-2013-4877 was published May 17, 2022
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics... Low Unreviewed
CVE-2013-2102 was published May 17, 2022
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass... Low Unreviewed
CVE-2013-7292 was published May 17, 2022
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9,... Low Unreviewed
CVE-2014-0348 was published May 17, 2022
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages... Low Unreviewed
CVE-2012-3520 was published May 17, 2022
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39,... Low Unreviewed
CVE-2015-2047 was published May 17, 2022
Improper Authentication in Apache Hadoop Low
CVE-2013-2192 was published for org.apache.hadoop:hadoop-common (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API