Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,154 advisories

Loading
In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2020-0297 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0284 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0276 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0285 was published May 24, 2022
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions... High Unreviewed
CVE-2020-1571 was published May 24, 2022
Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8... Moderate Unreviewed
CVE-2020-0559 was published May 24, 2022
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,... High Unreviewed
CVE-2020-8026 was published May 24, 2022
An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows... Moderate Unreviewed
CVE-2020-8219 was published May 24, 2022
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect... High Unreviewed
CVE-2020-10606 was published May 24, 2022
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote... Moderate Unreviewed
CVE-2020-6527 was published May 24, 2022
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for... Moderate Unreviewed
CVE-2020-15852 was published May 24, 2022
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to... High Unreviewed
CVE-2020-0227 was published May 24, 2022
In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to... Low Unreviewed
CVE-2020-0107 was published May 24, 2022
Silverstripe has Incorrect Default Permissions Moderate
CVE-2020-6165 was published for silverstripe/graphql (Composer) May 24, 2022
When constructing a permission prompt for WebRTC, a URI was supplied from the content process.... Moderate Unreviewed
CVE-2020-12424 was published May 24, 2022
When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused... Moderate Unreviewed
CVE-2020-12415 was published May 24, 2022
In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not... Moderate Unreviewed
CVE-2020-5906 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8903 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8933 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8907 was published May 24, 2022
rtslib-fb weak permissions for /etc/target/saveconfig.json file High
CVE-2020-14019 was published for rtslib-fb (pip) May 24, 2022
I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file... High Unreviewed
CVE-2020-13431 was published May 24, 2022
In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due... Moderate Unreviewed
CVE-2020-0215 was published May 24, 2022
In onStart of MainActivity.java, there is a possible bypass of developer settings requirements... Moderate Unreviewed
CVE-2020-0202 was published May 24, 2022
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking... Moderate Unreviewed
CVE-2020-0137 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database