Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
Withdrawn: Arbitrary code execution in lodash Low Unreviewed
CVE-2021-41720 was published for lodash (npm) Dec 3, 2021
bookstack is vulnerable to Cross-Site Request Forgery (CSRF) Low
CVE-2021-3944 was published for ssddanbrown/bookstack (Composer) Dec 3, 2021
Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-bounds read vulnerability... Low Unreviewed
CVE-2021-44187 was published Dec 8, 2021
Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-bounds read vulnerability... Low Unreviewed
CVE-2021-44186 was published Dec 8, 2021
Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-bounds read vulnerability... Low Unreviewed
CVE-2021-44185 was published Dec 8, 2021
Improper export of Android application components vulnerability in Samsung Pay (India only) prior... Low Unreviewed
CVE-2021-25527 was published Dec 9, 2021
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to... Low Unreviewed
CVE-2021-25524 was published Dec 9, 2021
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local... Low Unreviewed
CVE-2021-25519 was published Dec 9, 2021
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows... Low Unreviewed
CVE-2021-25523 was published Dec 9, 2021
Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows... Low Unreviewed
CVE-2021-25521 was published Dec 9, 2021
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02... Low Unreviewed
CVE-2021-25522 was published Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed
CVE-2021-25515 was published Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021... Low Unreviewed
CVE-2021-25513 was published Dec 9, 2021
Cross-Site Request Forgery in remdex/livehelperchat Low
CVE-2021-4049 was published for remdex/livehelperchat (Composer) Dec 10, 2021
Open Redirect in Flask-Security-Too Low
GHSA-gxjj-f44v-qm94 was published for Flask-Security-Too (pip) Dec 14, 2021 withdrawn
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine... Low Unreviewed
CVE-2021-1034 was published Dec 16, 2021
In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to... Low Unreviewed
CVE-2021-1031 was published Dec 16, 2021
In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an... Low Unreviewed
CVE-2021-1032 was published Dec 16, 2021
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app... Low Unreviewed
CVE-2021-1018 was published Dec 16, 2021
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an... Low Unreviewed
CVE-2021-1015 was published Dec 16, 2021
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine... Low Unreviewed
CVE-2021-0994 was published Dec 16, 2021
In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app... Low Unreviewed
CVE-2021-0992 was published Dec 16, 2021
In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to... Low Unreviewed
CVE-2021-0995 was published Dec 16, 2021
In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an... Low Unreviewed
CVE-2021-0990 was published Dec 16, 2021
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a... Low Unreviewed
CVE-2021-0991 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database