GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
103 advisories
Filter by severity
Privilege escalation by backend users assigned to the default "Publisher" system role
Low
CVE-2020-15248
was published
for
october/backend
(Composer)
Nov 23, 2020
Authenticated Privilege Escalation
Low
GHSA-5q58-x5h2-v5rx
was published
for
shopware/core
(Composer)
Dec 21, 2020
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine...
Low
Unreviewed
CVE-2021-1034
was published
Dec 16, 2021
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to...
Low
Unreviewed
CVE-2022-22272
was published
Jan 11, 2022
Insufficient user authorization in Moodle
Low
CVE-2022-0333
was published
for
moodle/moodle
(Composer)
Jan 28, 2022
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China...
Low
Unreviewed
CVE-2022-24923
was published
Feb 12, 2022
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can...
Low
Unreviewed
CVE-2020-35501
was published
Mar 31, 2022
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local...
Low
Unreviewed
CVE-2022-28777
was published
Apr 12, 2022
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker...
Low
Unreviewed
CVE-2022-28775
was published
Apr 12, 2022
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0...
Low
Unreviewed
CVE-2022-28778
was published
Apr 12, 2022
A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an...
Low
Unreviewed
CVE-2019-1667
was published
May 13, 2022
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth...
Low
Unreviewed
CVE-2018-10910
was published
May 13, 2022
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage...
Low
Unreviewed
CVE-2018-7957
was published
May 13, 2022
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through...
Low
Unreviewed
CVE-2020-5197
was published
May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper...
Low
Unreviewed
CVE-2020-1791
was published
May 24, 2022
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0...
Low
Unreviewed
CVE-2020-1882
was published
May 24, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3...
Low
Unreviewed
CVE-2020-3844
was published
May 24, 2022
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to...
Low
Unreviewed
CVE-2020-0047
was published
May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper...
Low
Unreviewed
CVE-2020-1807
was published
May 24, 2022
An improper authorization in the receiver component of the Android Suite Daemon.Product:...
Low
Unreviewed
CVE-2020-0065
was published
May 24, 2022
An improper authorization while processing the provisioning data.Product: AndroidVersions:...
Low
Unreviewed
CVE-2020-0064
was published
May 24, 2022
An improper authorization in the receiver component of Email.Product: AndroidVersions: Android...
Low
Unreviewed
CVE-2020-0090
was published
May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper...
Low
Unreviewed
CVE-2020-1797
was published
May 24, 2022
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does...
Low
Unreviewed
CVE-2020-13696
was published
May 24, 2022
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly...
Low
Unreviewed
CVE-2020-16241
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API