GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
371 advisories
Filter by severity
All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to...
Moderate
Unreviewed
CVE-2022-1989
was published
Aug 24, 2022
Mealie1.0.0beta3 is vulnerable to user enumeration via timing response discrepancy between users...
Moderate
Unreviewed
CVE-2022-34623
was published
Aug 20, 2022
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to...
High
Unreviewed
CVE-2022-37459
was published
Aug 18, 2022
In Framework, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2022-20324
was published
Aug 13, 2022
In ActivityManager, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20320
was published
Aug 13, 2022
In PackageInstaller, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20318
was published
Aug 13, 2022
In ContentResolver, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20316
was published
Aug 13, 2022
In AppOpsService, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2022-20291
was published
Aug 13, 2022
In PackageInstaller, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20309
was published
Aug 13, 2022
In Content, there is a possible way to determinate the user's account due to side channel...
Moderate
Unreviewed
CVE-2022-20304
was published
Aug 13, 2022
In AlarmManagerService, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20307
was published
Aug 13, 2022
In LauncherApps, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2022-20293
was published
Aug 13, 2022
Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79...
Moderate
Unreviewed
CVE-2022-2612
was published
Aug 13, 2022
In LocaleManager, there is a possible way to determine whether an app is installed, without query...
Low
Unreviewed
CVE-2022-20249
was published
Aug 12, 2022
In Telephony, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2022-20242
was published
Aug 12, 2022
In PackageManager, there is a possible way to determine whether an app is installed, without...
Low
Unreviewed
CVE-2022-20252
was published
Aug 12, 2022
In LocaleManager, there is a possible way to determine whether an app is installed, without query...
Low
Unreviewed
CVE-2022-20251
was published
Aug 12, 2022
In USB Manager, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-0975
was published
Aug 12, 2022
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance ...
High
Unreviewed
CVE-2022-20866
was published
Aug 11, 2022
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU...
High
Unreviewed
CVE-2021-46778
was published
Aug 11, 2022
Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique...
Moderate
Unreviewed
CVE-2022-34704
was published
Aug 10, 2022
The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by...
Moderate
Unreviewed
CVE-2022-32425
was published
Jul 15, 2022
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified...
Moderate
Unreviewed
CVE-2022-20752
was published
Jul 7, 2022
A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid...
Moderate
Unreviewed
CVE-2021-41634
was published
Jun 25, 2022
A potential vulnerability in some AMD processors using frequency scaling may allow an...
Moderate
Unreviewed
CVE-2022-23823
was published
Jun 16, 2022
ProTip!
Advisories are also available from the
GraphQL API