GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
56 advisories
Filter by severity
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to...
High
Unreviewed
CVE-2021-1003
was published
Dec 16, 2021
Password vault has a External Control of System or Configuration Setting vulnerability.Successful...
High
Unreviewed
CVE-2021-39971
was published
Jan 4, 2022
ws-scrcpy is vulnerable to External Control of File Name or Path
High
Unreviewed
CVE-2021-3845
was published
Jan 5, 2022
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due...
High
Unreviewed
CVE-2021-39626
was published
Jan 15, 2022
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to...
High
Unreviewed
CVE-2021-1035
was published
Jan 15, 2022
In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused...
High
Unreviewed
CVE-2021-39668
was published
Feb 12, 2022
In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a...
High
Unreviewed
CVE-2021-39663
was published
Feb 12, 2022
In onReceive of AppRestrictionsFragment.java, there is a possible way to start a phone call...
High
Unreviewed
CVE-2021-39707
was published
Mar 17, 2022
In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to...
High
Unreviewed
CVE-2021-39703
was published
Mar 17, 2022
In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could...
High
Unreviewed
CVE-2021-39787
was published
Mar 31, 2022
A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified...
High
Unreviewed
CVE-2022-20789
was published
Apr 22, 2022
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below,...
High
Unreviewed
CVE-2021-43066
was published
May 12, 2022
In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the...
High
Unreviewed
CVE-2018-9582
was published
May 13, 2022
This external control of file name or path vulnerability allows remote attackers to access or...
High
Unreviewed
CVE-2019-7195
was published
May 24, 2022
This external control of file name or path vulnerability allows remote attackers to access or...
High
Unreviewed
CVE-2019-7194
was published
May 24, 2022
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote...
High
Unreviewed
CVE-2019-3996
was published
May 24, 2022
An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs...
High
Unreviewed
CVE-2020-6105
was published
May 24, 2022
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to...
High
Unreviewed
CVE-2020-25161
was published
May 24, 2022
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non...
High
Unreviewed
CVE-2021-30245
was published
May 24, 2022
An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to...
High
Unreviewed
CVE-2021-27183
was published
May 24, 2022
Externally controlled reference to a resource in another sphere in quarantine functionality in...
High
Unreviewed
CVE-2021-27648
was published
May 24, 2022
In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due...
High
Unreviewed
CVE-2021-0608
was published
May 24, 2022
In onLoadFailed of AnnotateActivity.java, there is a possible way to gain WRITE_EXTERNAL_STORAGE...
High
Unreviewed
CVE-2021-0550
was published
May 24, 2022
In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a...
High
Unreviewed
CVE-2021-0536
was published
May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting...
High
Unreviewed
CVE-2021-22420
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API