Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

496 advisories

Loading
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could... High Unreviewed
CVE-2024-43769 was published Jan 3, 2025
In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed
CVE-2024-53841 was published Jan 3, 2025
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed
CVE-2024-11624 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53840 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53835 was published Jan 3, 2025
EaseUS Todo Backup version 20220111.390 - An omission during installation may allow a local... High Unreviewed
CVE-2023-32221 was published Jun 12, 2023
Some Huawei wearables have a permission management vulnerability. High Unreviewed
CVE-2021-37000 was published Dec 28, 2024
Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent. High Unreviewed
CVE-2024-52926 was published Nov 18, 2024
Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A... High Unreviewed
CVE-2024-12903 was published Dec 23, 2024
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned... High Unreviewed
CVE-2024-49202 was published Dec 18, 2024
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00... High Unreviewed
CVE-2024-4229 was published Dec 19, 2024
CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed
CVE-2024-38499 was published Dec 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-44224 was published Dec 12, 2024
In onResume of AppManagementFragment.java, there is a possible way to prevent users from... High Unreviewed
CVE-2023-21121 was published Jun 15, 2023
In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a... High Unreviewed
CVE-2023-21129 was published Jun 15, 2023
In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch... High Unreviewed
CVE-2023-21126 was published Jun 15, 2023
In various functions of AppStandbyController.java, there is a possible way to break manageability... High Unreviewed
CVE-2023-21128 was published Jun 15, 2023
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings... High Unreviewed
CVE-2017-13314 was published Nov 16, 2024
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an... High Unreviewed
CVE-2023-21270 was published Nov 19, 2024
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to... High Unreviewed
CVE-2024-40661 was published Nov 13, 2024
In updateInternal of MediaProvider.java , there is a possible access of another app's files due... High Unreviewed
CVE-2024-43089 was published Nov 13, 2024
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI... High Unreviewed
CVE-2023-21139 was published Jun 15, 2023
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due... High Unreviewed
CVE-2023-21138 was published Jun 15, 2023
The MC990 X and UV300 RMC component has and inadequate default configuration that could be... High Unreviewed
CVE-2023-30905 was published Jun 16, 2023
Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-11872 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database