GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,195

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

57 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an... High Unreviewed

CVE-2021-0586 was published May 24, 2022

In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0... High Unreviewed

CVE-2021-0537 was published May 24, 2022

In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency... High Unreviewed

CVE-2021-0538 was published May 24, 2022

In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due... High Unreviewed

CVE-2021-0506 was published May 24, 2022

In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning... High Unreviewed

CVE-2021-0523 was published May 24, 2022

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more... High Unreviewed

CVE-2021-22866 was published May 24, 2022

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed

CVE-2021-1403 was published May 24, 2022

When accepting a malicious intent from other installed apps, Firefox for Android accepted... High Unreviewed

CVE-2021-23976 was published May 24, 2022

In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a... High Unreviewed

CVE-2021-0333 was published May 24, 2022

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack... High Unreviewed

CVE-2021-0331 was published May 24, 2022

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed

CVE-2021-0305 was published May 24, 2022

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed

CVE-2021-0302 was published May 24, 2022

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed... High Unreviewed

CVE-2021-0314 was published May 24, 2022

In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the... High Unreviewed

CVE-2021-0315 was published May 24, 2022

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains... High Unreviewed

CVE-2020-7705 was published May 24, 2022

In functionality implemented in System UI, there are insufficient protections implemented around... High Unreviewed

CVE-2018-9524 was published May 13, 2022

In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible... High Unreviewed

CVE-2018-9458 was published May 13, 2022

In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might... High Unreviewed

CVE-2018-7491 was published May 13, 2022

When the RSS Feed preview about:feeds page is framed within another page, it can be used in... High Unreviewed

CVE-2018-18496 was published May 13, 2022

In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick... High Unreviewed

CVE-2021-39796 was published Apr 13, 2022

The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the... High Unreviewed

CVE-2021-44683 was published Mar 27, 2022

In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to... High Unreviewed

CVE-2021-39702 was published Mar 17, 2022

In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile... High Unreviewed

CVE-2021-39692 was published Mar 17, 2022

In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about... High Unreviewed

CVE-2021-39669 was published Feb 12, 2022

A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... High Unreviewed

CVE-2022-22807 was published Feb 11, 2022

Previous 123 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

57 advisories