Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

553 advisories

Loading
In Permission, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21296 was published Oct 30, 2023
In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21305 was published Oct 30, 2023
In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21318 was published Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21326 was published Oct 30, 2023
In Permission Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21327 was published Oct 30, 2023
In Game Manager Service, there is a possible way to determine whether an app is installed,... Low Unreviewed
CVE-2023-21345 was published Oct 30, 2023
In the Device Idle Controller, there is a possible way to determine whether an app is installed,... Low Unreviewed
CVE-2023-21346 was published Oct 30, 2023
In Package Manager Service, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21354 was published Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without... Low Unreviewed
CVE-2023-21349 was published Oct 30, 2023
In Window Manager, there is a possible way to determine whether an app is installed, without... Low Unreviewed
CVE-2023-21348 was published Oct 30, 2023
In Media Projection, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21350 was published Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21336 was published Oct 30, 2023
In Job Scheduler, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21344 was published Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21333 was published Oct 30, 2023
In Text Services, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21332 was published Oct 30, 2023
In Input Method, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21338 was published Oct 30, 2023
In InputMethod, there is a possible way to determine whether an app is installed, without query... High Unreviewed
CVE-2023-21337 was published Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21335 was published Oct 30, 2023
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message... Moderate Unreviewed
CVE-2023-47102 was published Nov 13, 2023
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK... High Unreviewed
CVE-2023-5981 was published Nov 28, 2023
Marvin Attack: potential key recovery through timing sidechannels Moderate
CVE-2023-49092 was published for rsa (Rust) Nov 28, 2023
tomato42 lukas-braune
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation... Moderate Unreviewed
CVE-2023-40090 was published Dec 5, 2023
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant... High Unreviewed
CVE-2023-45287 was published Dec 5, 2023
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting... Moderate Unreviewed
CVE-2023-4421 was published Dec 12, 2023
yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation Low
CVE-2023-50708 was published for yiisoft/yii2-authclient (Composer) Dec 18, 2023
rhertogh
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database