GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25364
was published
May 24, 2022
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet...
Low
Unreviewed
CVE-2020-11582
was published
May 24, 2022
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares...
Low
Unreviewed
CVE-2019-8934
was published
May 13, 2022
Sensitive information accessible by physical probing of JTAG interface for some Intel(R)...
Low
Unreviewed
CVE-2022-0005
was published
May 13, 2022
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from...
Low
Unreviewed
CVE-2004-1489
was published
Apr 29, 2022
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was...
Low
Unreviewed
CVE-2022-29820
was published
Apr 29, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Low
CVE-2022-27814
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Apr 15, 2022
Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows...
Low
Unreviewed
CVE-2022-26090
was published
Apr 12, 2022
A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8...
Low
Unreviewed
CVE-2022-1111
was published
Apr 5, 2022
Renderers can obtain access to random bluetooth device without permission in Electron
Low
CVE-2022-21718
was published
for
electron
(npm)
Mar 22, 2022
An issue with app access to camera metadata was addressed with improved logic. This issue is...
Low
Unreviewed
CVE-2022-22598
was published
Mar 19, 2022
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Low
CVE-2020-10744
was published
for
ansible
(pip)
Feb 9, 2022
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due...
Low
Unreviewed
CVE-2021-39628
was published
Jan 15, 2022
In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to...
Low
Unreviewed
CVE-2021-0978
was published
Dec 16, 2021
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible...
Low
Unreviewed
CVE-2021-0982
was published
Dec 16, 2021
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine...
Low
Unreviewed
CVE-2021-0994
was published
Dec 16, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25515
was published
Dec 9, 2021
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure...
Low
Unreviewed
CVE-2021-36319
was published
Nov 21, 2021
Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
Low
CVE-2020-1733
was published
for
ansible
(pip)
Apr 20, 2021
Potential sensitive data exposure in applications using Vaadin 15
Low
CVE-2020-36319
was published
for
com.vaadin:flow-server
(Maven)
Apr 19, 2021
Context isolation bypass in Electron
Low
CVE-2020-15215
was published
for
electron
(npm)
Oct 6, 2020
RuboCop gem Insecure use of /tmp
Low
CVE-2017-8418
was published
for
rubocop
(RubyGems)
Nov 15, 2017
ProTip!
Advisories are also available from the
GraphQL API