Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

86 advisories

Loading
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote... Low Unreviewed
CVE-2022-45433 was published Dec 27, 2022
parse-server auth adapter app ID validation can be circumvented Low
CVE-2022-39231 was published for parse-server (npm) Sep 21, 2022
KarolisBan
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical... Low Unreviewed
CVE-2022-33720 was published Aug 6, 2022
Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows... Low Unreviewed
CVE-2022-33689 was published Jul 13, 2022
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to... Low Unreviewed
CVE-2022-22426 was published Jun 11, 2022
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring... Low Unreviewed
CVE-2021-25484 was published May 24, 2022
Description: A person with physical access may be able to access contacts. This issue is fixed in... Low Unreviewed
CVE-2021-1862 was published May 24, 2022
An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed... Low Unreviewed
CVE-2021-1863 was published May 24, 2022
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is... Low Unreviewed
CVE-2021-28626 was published May 24, 2022
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized... Low Unreviewed
CVE-2021-25341 was published May 24, 2022
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1)... Low Unreviewed
CVE-2021-25343 was published May 24, 2022
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions... Low Unreviewed
CVE-2021-25342 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper... Low Unreviewed
CVE-2020-9251 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication... Low Unreviewed
CVE-2019-18246 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple... Low Unreviewed
CVE-2019-18252 was published May 24, 2022
An issue was discovered on Samsung mobile devices with Q(10.0) software. The Lockscreen feature... Low Unreviewed
CVE-2020-13837 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The DeX... Low Unreviewed
CVE-2020-13838 was published May 24, 2022
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for... Low Unreviewed
CVE-2020-0943 was published May 24, 2022
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow... Low Unreviewed
CVE-2020-10570 was published May 24, 2022
Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D(C735E152R3P3),versions... Low Unreviewed
CVE-2020-1878 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3.... Low Unreviewed
CVE-2019-5108 was published May 24, 2022
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services... Low Unreviewed
CVE-2011-1758 was published May 17, 2022
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit,... Low Unreviewed
CVE-2011-2176 was published May 17, 2022
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with... Low Unreviewed
CVE-2012-0717 was published May 17, 2022
Disk Management in Apple Mac OS X before 10.8.4 does not properly authenticate attempts to... Low Unreviewed
CVE-2013-0985 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database