Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a... Low Unreviewed
CVE-2021-0988 was published Dec 16, 2021
In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to... Low Unreviewed
CVE-2021-0989 was published Dec 16, 2021
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine... Low Unreviewed
CVE-2021-0987 was published Dec 16, 2021
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed
CVE-2021-0983 was published Dec 16, 2021
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible... Low Unreviewed
CVE-2021-0982 was published Dec 16, 2021
In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to... Low Unreviewed
CVE-2021-0978 was published Dec 16, 2021
Inability to de-op players if listed in ops.txt with non-lowercase letters Low
GHSA-j5qg-w9jg-3wg3 was published for pocketmine/pocketmine-mp (Composer) Dec 16, 2021
Regular Expression Denial of Service (ReDoS) in jsx-slack Low
CVE-2021-43838 was published for jsx-slack (npm) Dec 17, 2021
hieki
devices resource list treated as a blacklist by default Low
GHSA-g54h-m393-cpwq was published for github.com/opencontainers/runc (Go) Dec 20, 2021
cyphar
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of... Low Unreviewed
CVE-2021-44699 was published Dec 21, 2021
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of... Low Unreviewed
CVE-2021-44697 was published Dec 21, 2021
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of... Low Unreviewed
CVE-2021-44698 was published Dec 21, 2021
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability... Low Unreviewed
CVE-2021-44182 was published Dec 21, 2021
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability... Low Unreviewed
CVE-2021-44183 was published Dec 21, 2021
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability... Low Unreviewed
CVE-2021-43763 was published Dec 21, 2021
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer... Low Unreviewed
CVE-2021-43030 was published Dec 21, 2021
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer... Low Unreviewed
CVE-2021-43746 was published Dec 21, 2021
An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was... Low Unreviewed
CVE-2017-2375 was published Dec 24, 2021
The programming function of Shockwall system has an improper input validation vulnerability. An... Low Unreviewed
CVE-2021-45916 was published Jan 4, 2022
Cross-site scripting in Apache Syncome EndUser Low
CVE-2019-17557 was published for org.apache.syncope.client:syncope-client-enduser (Maven) Jan 6, 2022
Regular Expression Denial of Service (ReDoS) in braces Low
CVE-2018-1109 was published for braces (npm) Jan 6, 2022
jquery.terminal self XSS on user input Low
CVE-2021-43862 was published for jquery.terminal (npm) Jan 6, 2022
Nahiiko
Insufficient Session Expiration in shopware Low
CVE-2022-21652 was published for shopware/shopware (Composer) Jan 6, 2022
kubectl ANSI escape characters not filtered Low
CVE-2021-25743 was published for k8s.io/kubernetes (Go) Jan 8, 2022
dgl
URL parsing in node-forge could lead to undesired behavior. Low
GHSA-gf8q-jrpm-jvxq was published for node-forge (npm) Jan 8, 2022
kurt-r2c
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database