Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,499
Maven
5,000+
npm
4,138
NuGet
735
pip
3,945
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

613 advisories

Loading
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation... Moderate Unreviewed
CVE-2023-40090 was published Dec 5, 2023
Marvin Attack: potential key recovery through timing sidechannels Moderate
CVE-2023-49092 was published for rsa (Rust) Nov 28, 2023
tomato42 lukas-braune
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK... High Unreviewed
CVE-2023-5981 was published Nov 28, 2023
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message... Moderate Unreviewed
CVE-2023-47102 was published Nov 13, 2023
In Job Scheduler, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21344 was published Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21332 was published Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21333 was published Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21338 was published Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21335 was published Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21336 was published Oct 30, 2023
In InputMethod, there is a possible way to determine whether an app is installed, without query... High Unreviewed
CVE-2023-21337 was published Oct 30, 2023
In Media Projection, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21350 was published Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21354 was published Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without... Low Unreviewed
CVE-2023-21349 was published Oct 30, 2023
In Game Manager Service, there is a possible way to determine whether an app is installed,... Low Unreviewed
CVE-2023-21345 was published Oct 30, 2023
In the Device Idle Controller, there is a possible way to determine whether an app is installed,... Low Unreviewed
CVE-2023-21346 was published Oct 30, 2023
In Window Manager, there is a possible way to determine whether an app is installed, without... Low Unreviewed
CVE-2023-21348 was published Oct 30, 2023
In Package Installer, there is a possible way to determine whether an app is installed, without... High Unreviewed
CVE-2023-21324 was published Oct 30, 2023
In Slice, there is a possible disclosure of installed applications due to side channel... High Unreviewed
CVE-2023-21298 was published Oct 30, 2023
In ContentService, there is a possible way to read installed sync content providers due to side... Moderate Unreviewed
CVE-2023-21306 was published Oct 30, 2023
In UsageStatsService, there is a possible way to read installed 3rd party apps due to side... Moderate Unreviewed
CVE-2023-21319 was published Oct 30, 2023
In Overlay Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21330 was published Oct 30, 2023
In Permission, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21296 was published Oct 30, 2023
In Content Service, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21304 was published Oct 30, 2023
In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21305 was published Oct 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database