Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

80 advisories

Loading
Bypass of fix for CVE-2020-15247, Twig sandbox escape Low
CVE-2020-26231 was published for october/cms (Composer) Nov 23, 2020
ka1n4t
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-w736-hf9p-qqh3 was published for com.amazonaws:aws-dynamodb-encryption-java (Maven) Feb 8, 2021
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-4ph2-8337-hm62 was published for dynamodb-encryption-sdk (pip) Feb 8, 2021
Generation of fake documents via public GET-call Low
GHSA-jvg4-9rc2-wvcr was published for shopware/platform (Composer) Feb 10, 2021
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local... Low Unreviewed
CVE-2021-25519 was published Dec 9, 2021
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the... Low Unreviewed
CVE-2021-25014 was published Feb 15, 2022
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has... Low Unreviewed
CVE-2021-25075 was published Feb 22, 2022
Renderers can obtain access to random bluetooth device without permission in Electron Low
CVE-2022-21718 was published for electron (npm) Mar 22, 2022
PalmerAL
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins... Low Unreviewed
CVE-2017-5930 was published May 13, 2022
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding... Low Unreviewed
CVE-2017-17807 was published May 13, 2022
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create... Low Unreviewed
CVE-2017-5985 was published May 13, 2022
In SyncStatusObserver, there is a possible bypass for operating system protections that isolate... Low Unreviewed
CVE-2019-9351 was published May 24, 2022
In FingerprintService, there is a possible bypass for operating system protections that isolate... Low Unreviewed
CVE-2019-9377 was published May 24, 2022
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel... Low Unreviewed
CVE-2019-17055 was published May 24, 2022
A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls... Low Unreviewed
CVE-2019-14822 was published May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iTunes for... Low Unreviewed
CVE-2020-3861 was published May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and... Low Unreviewed
CVE-2020-3891 was published May 24, 2022
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement,... Low Unreviewed
CVE-2020-11470 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is... Low Unreviewed
CVE-2020-11601 was published May 24, 2022
An information disclosure vulnerability exists when Windows Mobile Device Management (MDM)... Low Unreviewed
CVE-2020-0989 was published May 24, 2022
Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within... Low Unreviewed
CVE-2020-25824 was published May 24, 2022
The issue was addressed with improved validation when an iCloud Link is created. This issue is... Low Unreviewed
CVE-2019-8857 was published May 24, 2022
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID,... Low Unreviewed
CVE-2021-25755 was published May 24, 2022
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a... Low Unreviewed
CVE-2021-26988 was published May 24, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2021-1755 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database