Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version... Low Unreviewed
CVE-2024-32368 was published Apr 22, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Low Unreviewed
CVE-2019-14861 was published May 24, 2022
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel... Low Unreviewed
CVE-2019-17054 was published May 24, 2022
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1... Low Unreviewed
CVE-2021-25358 was published May 24, 2022
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through... Low Unreviewed
CVE-2019-17056 was published May 24, 2022
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux... Low Unreviewed
CVE-2019-17053 was published May 24, 2022
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home... Low Unreviewed
CVE-2002-1713 was published Apr 30, 2022
SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3)... Low Unreviewed
CVE-2005-1941 was published May 1, 2022
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with... Low Unreviewed
CVE-2021-3981 was published Mar 11, 2022
Local privilege escalation due to insecure folder permissions. The following products are... Low Unreviewed
CVE-2023-44157 was published Sep 27, 2023
Octopoller gem published with world-writable files Low
CVE-2022-31071 was published for octopoller (RubyGems) Jun 15, 2022
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other... Low Unreviewed
CVE-2012-4453 was published May 13, 2022
In various methods of NotificationManagerService.java, there is a possible way to view... Low Unreviewed
CVE-2022-20359 was published Aug 11, 2022
In bluetooth, there is a possible way to enable or disable bluetooth connection without user... Low Unreviewed
CVE-2022-20267 was published Aug 13, 2022
In LocationManager, there is a possible way to get location information due to a missing... Low Unreviewed
CVE-2022-20261 was published Aug 13, 2022
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may... Low Unreviewed
CVE-2017-5686 was published May 13, 2022
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may... Low Unreviewed
CVE-2017-5685 was published May 13, 2022
The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version... Low Unreviewed
CVE-2017-5684 was published May 13, 2022
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected... Low Unreviewed
CVE-2022-20358 was published Aug 11, 2022
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
In PackageManager, there is a possible way to determine whether an app is installed due to a... Low Unreviewed
CVE-2022-20328 was published Aug 13, 2022
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a... Low Unreviewed
CVE-2022-20327 was published Aug 13, 2022
ProTip! Advisories are also available from the GraphQL API