GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,200

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

402 advisories

Filter by severity

Sort by

Least recently updated

In Slice, there is a possible disclosure of installed applications due to side channel... High Unreviewed

CVE-2023-21298 was published Oct 30, 2023

In Package Installer, there is a possible way to determine whether an app is installed, without... High Unreviewed

CVE-2023-21324 was published Oct 30, 2023

In Package Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2023-21302 was published Oct 30, 2023

In Permission, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2023-21296 was published Oct 30, 2023

In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2023-21316 was published Oct 30, 2023

In UsageStatsService, there is a possible way to read installed 3rd party apps due to side... Moderate Unreviewed

CVE-2023-21319 was published Oct 30, 2023

In ContentService, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2023-21317 was published Oct 30, 2023

In Overlay Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2023-21330 was published Oct 30, 2023

In PackageManagerNative, there is a possible way to determine whether an app is installed,... Moderate Unreviewed

CVE-2023-21293 was published Oct 30, 2023

In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2023-21305 was published Oct 30, 2023

In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2023-21318 was published Oct 30, 2023

In Activity Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2023-21323 was published Oct 30, 2023

In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2023-21325 was published Oct 30, 2023

In InputMethod, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2023-21331 was published Oct 30, 2023

In Usage Stats Service, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2022-20264 was published Oct 30, 2023

Using iterative requests an attacker was able to learn the size of an opaque response, as well as... Moderate Unreviewed

CVE-2023-5722 was published Oct 25, 2023

The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,... Moderate Unreviewed

CVE-2022-25332 was published Oct 19, 2023

User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during... High Unreviewed

CVE-2023-36127 was published Oct 11, 2023

A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All... Moderate Unreviewed

CVE-2023-43623 was published Oct 10, 2023

PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software... Moderate Unreviewed

CVE-2023-44216 was published Sep 27, 2023

NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated... High Unreviewed

CVE-2023-25529 was published Sep 20, 2023

User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this... Moderate Unreviewed

CVE-2023-4095 was published Sep 19, 2023

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could... Moderate Unreviewed

CVE-2023-3221 was published Sep 4, 2023

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password... Critical Unreviewed

CVE-2023-40756 was published Aug 28, 2023

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a... High Unreviewed

CVE-2023-33850 was published Aug 22, 2023

Previous 1 2 3 4 5 6 7 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

402 advisories