Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized... Low Unreviewed
CVE-2021-33031 was published May 24, 2022
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed
CVE-2021-25409 was published May 24, 2022
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve... Low Unreviewed
CVE-2020-13523 was published May 24, 2022
An authorization issue was addressed with improved state management. This issue is fixed in iOS... Low Unreviewed
CVE-2022-26703 was published May 27, 2022
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3... Low Unreviewed
CVE-2022-33733 was published Aug 6, 2022
In Settings, there is a possible installed application disclosure due to a missing permission... Low Unreviewed
CVE-2022-20336 was published Aug 13, 2022
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been... Low Unreviewed
CVE-2022-20335 was published Aug 13, 2022
In SELinux policy, there is a possible way of inferring which websites are being opened in the... Low Unreviewed
CVE-2022-20340 was published Aug 13, 2022
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified... Low Unreviewed
CVE-2022-2841 was published Aug 23, 2022
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1... Low Unreviewed
CVE-2022-36856 was published Sep 10, 2022
Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows... Low Unreviewed
CVE-2022-39861 was published Oct 7, 2022
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the... Low Unreviewed
CVE-2022-20446 was published Nov 9, 2022
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows... Low Unreviewed
CVE-2022-39879 was published Nov 10, 2022
In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure... Low Unreviewed
CVE-2022-20519 was published Dec 20, 2022
In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for... Low Unreviewed
CVE-2022-20556 was published Dec 20, 2022
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the... Low Unreviewed
CVE-2022-20533 was published Dec 20, 2022
In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY... Low Unreviewed
CVE-2022-20536 was published Dec 21, 2022
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable... Low Unreviewed
CVE-2022-20537 was published Dec 21, 2022
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF... Low Unreviewed
CVE-2022-4102 was published Jan 10, 2023
Any Flarum user including unactivated can reply in public discussions whose first post was permanently deleted Low
CVE-2023-22489 was published for flarum/core (Composer) Jan 10, 2023
clarkwinkelmann
Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi... Low Unreviewed
CVE-2023-21450 was published Feb 9, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query... Low Unreviewed
CVE-2023-27462 was published Mar 14, 2023
Answer Missing Authorization vulnerability Low
CVE-2023-2590 was published for github.com/answerdev/answer (Go) May 9, 2023
In mnld, there is a possible leak of GPS location due to a missing permission check. This could... Low Unreviewed
CVE-2023-20726 was published May 16, 2023
The Nested Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing... Low Unreviewed
CVE-2023-2434 was published May 31, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database