Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,159 advisories

Loading
XML Injection vulnerability in xmltodict allows Input Data Manipulation.This issue affects... Moderate Unreviewed
CVE-2025-9375 was published Sep 5, 2025
Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized... Moderate Unreviewed
CVE-2025-55242 was published Sep 5, 2025
In android_app of Android.bp, there is a possible way to launch any activity as a system user.... Moderate Unreviewed
CVE-2025-22415 was published Sep 4, 2025
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible persistent... Moderate Unreviewed
CVE-2025-48554 was published Sep 4, 2025
In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to... Moderate Unreviewed
CVE-2025-48538 was published Sep 4, 2025
In multiple locations, there is a possible leak of an image across the Android User isolation... Moderate Unreviewed
CVE-2025-48551 was published Sep 4, 2025
In multiple functions of AppOpsService.java, there is a possible add a large amount of app ops... Moderate Unreviewed
CVE-2025-48559 was published Sep 4, 2025
In multiple locations, there is a possible way to access data displayed on the screen due to side... Moderate Unreviewed
CVE-2025-48561 was published Sep 4, 2025
In writeContent of RemotePrintDocument.java, there is a possible information disclosure due to a... Moderate Unreviewed
CVE-2025-48562 was published Sep 4, 2025
In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an... Moderate Unreviewed
CVE-2024-40664 was published Sep 4, 2025
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept... Moderate Unreviewed
CVE-2025-32330 was published Sep 4, 2025
In AndroidManifest.xml, there is a possible way for an app to monitor motion events due to a... Moderate Unreviewed
CVE-2025-48560 was published Sep 4, 2025
In isSystem of WifiPermissionsUtil.java, there is a possible permission bypass due to a missing... Moderate Unreviewed
CVE-2025-48524 was published Sep 4, 2025
In createMultiProfilePagerAdapter of ChooserActivity.java , there is a possible way for an app to... Moderate Unreviewed
CVE-2025-48526 was published Sep 4, 2025
In multiple locations, there is a possible way to leak hidden work profile notifications due to a... Moderate Unreviewed
CVE-2025-48527 was published Sep 4, 2025
In multiple locations, there is a possible way to overlay biometrics due to a tapjacking/overlay... Moderate Unreviewed
CVE-2025-48528 was published Sep 4, 2025
In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data... Moderate Unreviewed
CVE-2025-48529 was published Sep 4, 2025
In isSystemUid of AccountManagerService.java, there is a possible way for an app to access... Moderate Unreviewed
CVE-2025-48545 was published Sep 4, 2025
In testGrantSlicePermission of SliceManagerTest.java, there is a possible permanent denial of... Moderate Unreviewed
CVE-2025-48550 was published Sep 4, 2025
In multiple functions of AccountManagerService.java, there is a possible permanent denial of... Moderate Unreviewed
CVE-2025-48542 was published Sep 4, 2025
In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches... Moderate Unreviewed
CVE-2024-49731 was published Sep 4, 2025
In collectOps of AppOpsService.java, there is a possible way to cause permanent DoS due to... Moderate Unreviewed
CVE-2025-26429 was published Sep 4, 2025
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's... Moderate Unreviewed
CVE-2025-0087 was published Sep 4, 2025
In multiple functions of UserController.java, there is a possible lock screen bypass due to a... Moderate Unreviewed
CVE-2025-0077 was published Sep 4, 2025
In multiple functions of RoleService.java, there is a possible permission squatting vulnerability... Moderate Unreviewed
CVE-2025-26425 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database