GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
43 advisories
Filter by severity
i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden...
Low
Unreviewed
CVE-2023-36325
was published
Oct 9, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low
Unreviewed
CVE-2024-21251
was published
Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21208
was published
Oct 15, 2024
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are...
Low
Unreviewed
CVE-2024-21210
was published
Oct 15, 2024
This issue was addressed by restricting options offered on a locked device. This issue is fixed...
Low
Unreviewed
CVE-2022-46724
was published
Aug 15, 2023
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user...
Low
Unreviewed
CVE-2024-31870
was published
Jun 15, 2024
** DISPUTED ** On Mooltipass Mini devices, a side channel for the row-based OLED display was...
Low
Unreviewed
CVE-2019-14357
was published
May 24, 2022
** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the row-based OLED display was...
Low
Unreviewed
CVE-2019-14355
was published
May 24, 2022
** DISPUTED ** On BC Vault devices, a side channel for the row-based SSD1309 OLED display was...
Low
Unreviewed
CVE-2019-14359
was published
May 24, 2022
In placeCall of TelecomManager.java, there is a possible way to determine whether an app is...
Low
Unreviewed
CVE-2022-20531
was published
Dec 20, 2022
An information disclosure vulnerability exists on ARM implementations that use speculative...
Low
Unreviewed
CVE-2020-1459
was published
May 24, 2022
In Package Manager, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2023-21349
was published
Oct 30, 2023
In Window Manager, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2023-21348
was published
Oct 30, 2023
In Game Manager Service, there is a possible way to determine whether an app is installed,...
Low
Unreviewed
CVE-2023-21345
was published
Oct 30, 2023
In the Device Idle Controller, there is a possible way to determine whether an app is installed,...
Low
Unreviewed
CVE-2023-21346
was published
Oct 30, 2023
lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer...
Low
Unreviewed
CVE-2022-47952
was published
Jan 1, 2023
In LocaleManager, there is a possible way to determine whether an app is installed, without query...
Low
Unreviewed
CVE-2022-20249
was published
Aug 12, 2022
In LocaleManager, there is a possible way to determine whether an app is installed, without query...
Low
Unreviewed
CVE-2022-20251
was published
Aug 12, 2022
In PackageManager, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20252
was published
Aug 12, 2022
In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to...
Low
Unreviewed
CVE-2021-0995
was published
Dec 16, 2021
In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to...
Low
Unreviewed
CVE-2021-1031
was published
Dec 16, 2021
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine...
Low
Unreviewed
CVE-2021-0987
was published
Dec 16, 2021
In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a...
Low
Unreviewed
CVE-2021-0988
was published
Dec 16, 2021
In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an...
Low
Unreviewed
CVE-2021-0990
was published
Dec 16, 2021
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an...
Low
Unreviewed
CVE-2021-1015
was published
Dec 16, 2021
ProTip!
Advisories are also available from the
GraphQL API