GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
494 advisories
Filter by severity
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam...
Moderate
Unreviewed
CVE-2021-44875
was published
Dec 22, 2021
Thinfinity VirtualUI before 3.0 allows a malicious actor to enumerate users registered in the OS ...
Moderate
Unreviewed
CVE-2021-44554
was published
Dec 21, 2021
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine...
Low
Unreviewed
CVE-2021-0987
was published
Dec 16, 2021
In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to...
Low
Unreviewed
CVE-2021-0989
was published
Dec 16, 2021
In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a...
Low
Unreviewed
CVE-2021-0988
was published
Dec 16, 2021
In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an...
Low
Unreviewed
CVE-2021-0990
was published
Dec 16, 2021
In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to...
Low
Unreviewed
CVE-2021-0995
was published
Dec 16, 2021
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine...
Moderate
Unreviewed
CVE-2021-1005
was published
Dec 16, 2021
In setApplicationCategoryHint of PackageManagerService.java, there is a possible way to determine...
Moderate
Unreviewed
CVE-2021-1009
was published
Dec 16, 2021
In onResume of NotificationAccessDetails.java, there is a possible way to determine whether an...
Moderate
Unreviewed
CVE-2021-1012
was published
Dec 16, 2021
In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService...
Moderate
Unreviewed
CVE-2021-1013
was published
Dec 16, 2021
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an...
Low
Unreviewed
CVE-2021-1015
was published
Dec 16, 2021
In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to...
Moderate
Unreviewed
CVE-2021-1014
was published
Dec 16, 2021
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app...
Low
Unreviewed
CVE-2021-1018
was published
Dec 16, 2021
In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is...
Moderate
Unreviewed
CVE-2021-1026
was published
Dec 16, 2021
In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way...
Moderate
Unreviewed
CVE-2021-1030
was published
Dec 16, 2021
In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to...
Low
Unreviewed
CVE-2021-1031
was published
Dec 16, 2021
In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an...
Low
Unreviewed
CVE-2021-1032
was published
Dec 16, 2021
Observable Discrepancy in Argo
Moderate
CVE-2020-11576
was published
for
github.com/argoproj/argo-cd
(Go)
Dec 9, 2021
Observable Discrepancy in Apache Kafka
Moderate
CVE-2021-38153
was published
for
org.apache.kafka:kafka-clients
(Maven)
Sep 23, 2021
Observable Response Discrepancy in Lost Password Service
Moderate
CVE-2021-39189
was published
for
pimcore/pimcore
(Composer)
Sep 20, 2021
Observable Discrepancy in libsecp256k1-rs
Moderate
CVE-2019-20399
was published
for
libsecp256k1-rs
(Rust)
Aug 25, 2021
Timing based private key exposure in Bouncy Castle
Moderate
CVE-2020-15522
was published
for
BouncyCastle
(Maven)
Aug 13, 2021
Observable Timing Discrepancy in aaugustin websockets library
High
CVE-2021-33880
was published
for
websockets
(pip)
Jun 11, 2021
Observable Response Discrepancy in Flask-AppBuilder
Moderate
CVE-2021-29621
was published
for
Flask-AppBuilder
(pip)
May 27, 2021
ProTip!
Advisories are also available from the
GraphQL API