Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

71 advisories

Loading
RuboCop gem Insecure use of /tmp Low
CVE-2017-8418 was published for rubocop (RubyGems) Nov 15, 2017
tdunlap607
Context isolation bypass in Electron Low
CVE-2020-15215 was published for electron (npm) Oct 6, 2020
nornagon MarshallOfSound
Potential sensitive data exposure in applications using Vaadin 15 Low
CVE-2020-36319 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
knoobie
File exposure in pleaser Low
CVE-2021-31153 was published for pleaser (Rust) Aug 25, 2021
another-rex
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure... Low Unreviewed
CVE-2021-36319 was published Nov 21, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed
CVE-2021-25515 was published Dec 9, 2021
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine... Low Unreviewed
CVE-2021-0994 was published Dec 16, 2021
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible... Low Unreviewed
CVE-2021-0982 was published Dec 16, 2021
In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to... Low Unreviewed
CVE-2021-0978 was published Dec 16, 2021
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due... Low Unreviewed
CVE-2021-39628 was published Jan 15, 2022
An issue with app access to camera metadata was addressed with improved logic. This issue is... Low Unreviewed
CVE-2022-22598 was published Mar 19, 2022
Renderers can obtain access to random bluetooth device without permission in Electron Low
CVE-2022-21718 was published for electron (npm) Mar 22, 2022
PalmerAL
A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8... Low Unreviewed
CVE-2022-1111 was published Apr 5, 2022
Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows... Low Unreviewed
CVE-2022-26090 was published Apr 12, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon Low
CVE-2022-27814 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022
Shinyzenith
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was... Low Unreviewed
CVE-2022-29820 was published Apr 29, 2022
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from... Low Unreviewed
CVE-2004-1489 was published Apr 29, 2022
Sensitive information accessible by physical probing of JTAG interface for some Intel(R)... Low Unreviewed
CVE-2022-0005 was published May 13, 2022
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares... Low Unreviewed
CVE-2019-8934 was published May 13, 2022
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet... Low Unreviewed
CVE-2020-11582 was published May 24, 2022
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows... Low Unreviewed
CVE-2021-25364 was published May 24, 2022
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible... Low Unreviewed
CVE-2021-26309 was published May 24, 2022
Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8... Low Unreviewed
CVE-2021-25432 was published May 24, 2022
An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the... Low Unreviewed
CVE-2021-40086 was published May 24, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2021-30815 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database