Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

371 advisories

Loading
In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an... Low Unreviewed
CVE-2021-1032 was published Dec 16, 2021
In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to... Low Unreviewed
CVE-2021-1031 was published Dec 16, 2021
In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way... Moderate Unreviewed
CVE-2021-1030 was published Dec 16, 2021
In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is... Moderate Unreviewed
CVE-2021-1026 was published Dec 16, 2021
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app... Low Unreviewed
CVE-2021-1018 was published Dec 16, 2021
In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService... Moderate Unreviewed
CVE-2021-1013 was published Dec 16, 2021
In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to... Moderate Unreviewed
CVE-2021-1014 was published Dec 16, 2021
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an... Low Unreviewed
CVE-2021-1015 was published Dec 16, 2021
In onResume of NotificationAccessDetails.java, there is a possible way to determine whether an... Moderate Unreviewed
CVE-2021-1012 was published Dec 16, 2021
In setApplicationCategoryHint of PackageManagerService.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1009 was published Dec 16, 2021
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1005 was published Dec 16, 2021
In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to... Low Unreviewed
CVE-2021-0995 was published Dec 16, 2021
In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an... Low Unreviewed
CVE-2021-0990 was published Dec 16, 2021
In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to... Low Unreviewed
CVE-2021-0989 was published Dec 16, 2021
In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a... Low Unreviewed
CVE-2021-0988 was published Dec 16, 2021
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine... Low Unreviewed
CVE-2021-0987 was published Dec 16, 2021
Thinfinity VirtualUI before 3.0 allows a malicious actor to enumerate users registered in the OS ... Moderate Unreviewed
CVE-2021-44554 was published Dec 21, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam... Moderate Unreviewed
CVE-2021-44875 was published Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam... Moderate Unreviewed
CVE-2021-44876 was published Dec 22, 2021
An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers... Moderate Unreviewed
CVE-2020-35398 was published Dec 24, 2021
A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker... High Unreviewed
CVE-2021-20049 was published Dec 24, 2021
ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in... Moderate Unreviewed
CVE-2021-20147 was published Jan 4, 2022
In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset... Moderate Unreviewed
CVE-2022-22120 was published Jan 11, 2022
In Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing... Moderate Unreviewed
CVE-2019-25056 was published Jan 27, 2022
IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under... Moderate Unreviewed
CVE-2021-39021 was published Feb 3, 2022
ProTip! Advisories are also available from the GraphQL API