Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

69 advisories

Loading
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-4ph2-8337-hm62 was published for dynamodb-encryption-sdk (pip) Feb 8, 2021
Bypass of fix for CVE-2020-15247, Twig sandbox escape Low
CVE-2020-26231 was published for october/cms (Composer) Nov 23, 2020
ka1n4t
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-w736-hf9p-qqh3 was published for com.amazonaws:aws-dynamodb-encryption-java (Maven) Feb 8, 2021
Generation of fake documents via public GET-call Low
GHSA-jvg4-9rc2-wvcr was published for shopware/platform (Composer) Feb 10, 2021
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed
CVE-2021-25409 was published May 24, 2022
In SELinux policy, there is a possible way of inferring which websites are being opened in the... Low Unreviewed
CVE-2022-20340 was published Aug 13, 2022
In Settings, there is a possible installed application disclosure due to a missing permission... Low Unreviewed
CVE-2022-20336 was published Aug 13, 2022
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel... Low Unreviewed
CVE-2019-17055 was published May 24, 2022
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been... Low Unreviewed
CVE-2022-20335 was published Aug 13, 2022
A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls... Low Unreviewed
CVE-2019-14822 was published May 24, 2022
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the... Low Unreviewed
CVE-2022-20533 was published Dec 20, 2022
In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure... Low Unreviewed
CVE-2022-20519 was published Dec 20, 2022
In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for... Low Unreviewed
CVE-2022-20556 was published Dec 20, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iTunes for... Low Unreviewed
CVE-2020-3861 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is... Low Unreviewed
CVE-2020-11601 was published May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and... Low Unreviewed
CVE-2020-3891 was published May 24, 2022
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement,... Low Unreviewed
CVE-2020-11470 was published May 24, 2022
Any Flarum user including unactivated can reply in public discussions whose first post was permanently deleted Low
CVE-2023-22489 was published for flarum/core (Composer) Jan 10, 2023
clarkwinkelmann
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF... Low Unreviewed
CVE-2022-4102 was published Jan 10, 2023
Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within... Low Unreviewed
CVE-2020-25824 was published May 24, 2022
The issue was addressed with improved validation when an iCloud Link is created. This issue is... Low Unreviewed
CVE-2019-8857 was published May 24, 2022
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified... Low Unreviewed
CVE-2022-2841 was published Aug 23, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2021-1755 was published May 24, 2022
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID,... Low Unreviewed
CVE-2021-25755 was published May 24, 2022
In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized... Low Unreviewed
CVE-2021-33031 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API