GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
302 advisories
Filter by severity
In ContextImpl, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39754
was published
Mar 31, 2022
In Media, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39761
was published
Mar 31, 2022
In AudioService, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39760
was published
Mar 31, 2022
In Settings, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39766
was published
Mar 31, 2022
In People, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39775
was published
Mar 31, 2022
In VpnManagerService, there is a possible disclosure of installed VPN packages due to side...
Moderate
Unreviewed
CVE-2021-39773
was published
Mar 31, 2022
In TelecomManager, there is a possible way to check if a particular self managed phone account...
Moderate
Unreviewed
CVE-2021-39788
was published
Mar 31, 2022
In WallpaperManagerService, there is a possible way to determine whether an app is installed,...
Moderate
Unreviewed
CVE-2021-39791
was published
Mar 31, 2022
The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a...
Moderate
Unreviewed
CVE-2021-44421
was published
Mar 11, 2022
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate...
Moderate
Unreviewed
CVE-2022-0564
was published
Feb 22, 2022
In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure...
Moderate
Unreviewed
CVE-2021-0524
was published
Feb 12, 2022
The password-reset form in ServiceNow Orlando provides different responses to invalid...
Moderate
Unreviewed
CVE-2021-45901
was published
Feb 11, 2022
IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under...
Moderate
Unreviewed
CVE-2021-39021
was published
Feb 3, 2022
In Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing...
Moderate
Unreviewed
CVE-2019-25056
was published
Jan 27, 2022
In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset...
Moderate
Unreviewed
CVE-2022-22120
was published
Jan 11, 2022
ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in...
Moderate
Unreviewed
CVE-2021-20147
was published
Jan 4, 2022
An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers...
Moderate
Unreviewed
CVE-2020-35398
was published
Dec 24, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam...
Moderate
Unreviewed
CVE-2021-44875
was published
Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam...
Moderate
Unreviewed
CVE-2021-44876
was published
Dec 22, 2021
Thinfinity VirtualUI before 3.0 allows a malicious actor to enumerate users registered in the OS ...
Moderate
Unreviewed
CVE-2021-44554
was published
Dec 21, 2021
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine...
Moderate
Unreviewed
CVE-2021-1005
was published
Dec 16, 2021
In setApplicationCategoryHint of PackageManagerService.java, there is a possible way to determine...
Moderate
Unreviewed
CVE-2021-1009
was published
Dec 16, 2021
In onResume of NotificationAccessDetails.java, there is a possible way to determine whether an...
Moderate
Unreviewed
CVE-2021-1012
was published
Dec 16, 2021
In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to...
Moderate
Unreviewed
CVE-2021-1014
was published
Dec 16, 2021
In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService...
Moderate
Unreviewed
CVE-2021-1013
was published
Dec 16, 2021
ProTip!
Advisories are also available from the
GraphQL API