GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,473
Composer 4,168
Erlang 30
GitHub Actions 19
Go 1,975
Maven 5,150
npm 3,698
NuGet 654
pip 3,314
Pub 11
RubyGems 882
Rust 831
Swift 35

Unreviewed advisories

All unreviewed 232,584

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

395 advisories

Filter by severity

Sort by

Least recently updated

The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a... Moderate Unreviewed

CVE-2021-44421 was published Mar 11, 2022

An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised... High Unreviewed

CVE-2020-36517 was published Mar 11, 2022

In People, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39775 was published Mar 31, 2022

In Framework, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39756 was published Mar 31, 2022

In ContextImpl, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39754 was published Mar 31, 2022

In AudioService, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39760 was published Mar 31, 2022

In DevicePolicyManager, there is a possible way to reveal the existence of an installed package... Moderate Unreviewed

CVE-2021-39755 was published Mar 31, 2022

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2021-39745 was published Mar 31, 2022

In Media, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39761 was published Mar 31, 2022

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2021-39744 was published Mar 31, 2022

In TelecomManager, there is a possible way to check if a particular self managed phone account... Moderate Unreviewed

CVE-2021-39788 was published Mar 31, 2022

In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39766 was published Mar 31, 2022

In VpnManagerService, there is a possible disclosure of installed VPN packages due to side... Moderate Unreviewed

CVE-2021-39773 was published Mar 31, 2022

In WallpaperManagerService, there is a possible way to determine whether an app is installed,... Moderate Unreviewed

CVE-2021-39791 was published Mar 31, 2022

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due... Moderate Unreviewed

CVE-2022-22356 was published Apr 6, 2022

A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker... High Unreviewed

CVE-2021-20049 was published Dec 24, 2021

Observable discrepancies in the login process allow an attacker to guess legitimate user names... Moderate Unreviewed

CVE-2021-45925 was published Oct 24, 2022

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1... Moderate Unreviewed

CVE-2019-18222 was published May 24, 2022

Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2... High Unreviewed

CVE-2021-38562 was published May 24, 2022

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs... Moderate Unreviewed

CVE-2020-27170 was published May 24, 2022

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding... Moderate Unreviewed

CVE-2021-24119 was published May 24, 2022

When binding against a DN during authentication, the reply from 389-ds-base will be different... Moderate Unreviewed

CVE-2020-35518 was published May 24, 2022

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted... Low Unreviewed

CVE-2020-16150 was published May 24, 2022

An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could... Moderate Unreviewed

CVE-2022-0823 was published Jun 10, 2022

Potential speculative code store bypass in all supported CPU products, in conjunction with... Moderate Unreviewed

CVE-2021-26313 was published May 24, 2022

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

395 advisories