Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
HCL Connections is vulnerable to a broken access control vulnerability that may allow an... Low Unreviewed
CVE-2024-42188 was published Nov 14, 2024
Moodle has insufficient access control Low
CVE-2024-43430 was published for moodle/moodle (Composer) Nov 11, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2024-40792 was published Oct 28, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Low Unreviewed
CVE-2024-21123 was published Jul 17, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version... Low Unreviewed
CVE-2024-32368 was published Apr 22, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed
CVE-2024-21002 was published Apr 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed
CVE-2024-21004 was published Apr 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21012 was published Apr 17, 2024
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. Low Unreviewed
CVE-2024-30204 was published Mar 25, 2024
Local privilege escalation due to insecure folder permissions. The following products are... Low Unreviewed
CVE-2023-44157 was published Sep 27, 2023
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
In PackageManager, there is a possible way to determine whether an app is installed due to a... Low Unreviewed
CVE-2022-20328 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20311 was published Aug 13, 2022
In ContentService, there is a possible disclosure of available account types due to a missing... Low Unreviewed
CVE-2022-20305 was published Aug 13, 2022
In ActivityManager, there is a possible disclosure of installed packages due to a missing... Low Unreviewed
CVE-2022-20315 was published Aug 13, 2022
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a... Low Unreviewed
CVE-2022-20327 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20310 was published Aug 13, 2022
In LocationManager, there is a possible way to get location information due to a missing... Low Unreviewed
CVE-2022-20261 was published Aug 13, 2022
In bluetooth, there is a possible way to enable or disable bluetooth connection without user... Low Unreviewed
CVE-2022-20267 was published Aug 13, 2022
In various methods of NotificationManagerService.java, there is a possible way to view... Low Unreviewed
CVE-2022-20359 was published Aug 11, 2022
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected... Low Unreviewed
CVE-2022-20358 was published Aug 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database