GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
70 advisories
Filter by severity
In music service, there is a missing permission check. This could lead to local information...
Low
Unreviewed
CVE-2023-33880
was published
Jul 12, 2023
In music service, there is a missing permission check. This could lead to local information...
Low
Unreviewed
CVE-2023-33879
was published
Jul 12, 2023
The Nested Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing...
Low
Unreviewed
CVE-2023-2434
was published
May 31, 2023
In mnld, there is a possible leak of GPS location due to a missing permission check. This could...
Low
Unreviewed
CVE-2023-20726
was published
May 16, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query...
Low
Unreviewed
CVE-2023-27462
was published
Mar 14, 2023
Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi...
Low
Unreviewed
CVE-2023-21450
was published
Feb 9, 2023
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF...
Low
Unreviewed
CVE-2022-4102
was published
Jan 10, 2023
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable...
Low
Unreviewed
CVE-2022-20537
was published
Dec 21, 2022
In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY...
Low
Unreviewed
CVE-2022-20536
was published
Dec 21, 2022
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the...
Low
Unreviewed
CVE-2022-20533
was published
Dec 20, 2022
In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for...
Low
Unreviewed
CVE-2022-20556
was published
Dec 20, 2022
In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure...
Low
Unreviewed
CVE-2022-20519
was published
Dec 20, 2022
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows...
Low
Unreviewed
CVE-2022-39879
was published
Nov 10, 2022
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the...
Low
Unreviewed
CVE-2022-20446
was published
Nov 9, 2022
Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows...
Low
Unreviewed
CVE-2022-39861
was published
Oct 7, 2022
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1...
Low
Unreviewed
CVE-2022-36856
was published
Sep 10, 2022
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified...
Low
Unreviewed
CVE-2022-2841
was published
Aug 23, 2022
In SELinux policy, there is a possible way of inferring which websites are being opened in the...
Low
Unreviewed
CVE-2022-20340
was published
Aug 13, 2022
In Settings, there is a possible installed application disclosure due to a missing permission...
Low
Unreviewed
CVE-2022-20336
was published
Aug 13, 2022
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been...
Low
Unreviewed
CVE-2022-20335
was published
Aug 13, 2022
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3...
Low
Unreviewed
CVE-2022-33733
was published
Aug 6, 2022
An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Low
Unreviewed
CVE-2022-26703
was published
May 27, 2022
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve...
Low
Unreviewed
CVE-2020-13523
was published
May 24, 2022
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically...
Low
Unreviewed
CVE-2021-25409
was published
May 24, 2022
In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized...
Low
Unreviewed
CVE-2021-33031
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API