Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

342 advisories

Loading
In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21318 was published Oct 30, 2023
In ActivityManagerService, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2023-21301 was published Oct 30, 2023
In UsageStatsService, there is a possible way to read installed 3rd party apps due to side... Moderate Unreviewed
CVE-2023-21319 was published Oct 30, 2023
In Content Service, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21304 was published Oct 30, 2023
In Package Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21302 was published Oct 30, 2023
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21325 was published Oct 30, 2023
In Device Policy, there is a possible way to verify if a particular admin app is registered on... Moderate Unreviewed
CVE-2023-21320 was published Oct 30, 2023
In InputMethod, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21331 was published Oct 30, 2023
In Overlay Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21330 was published Oct 30, 2023
In Content, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2023-21316 was published Oct 30, 2023
In Activity Manager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21323 was published Oct 30, 2023
In ContentService, there is a possible way to read installed sync content providers due to side... Moderate Unreviewed
CVE-2023-21306 was published Oct 30, 2023
In ContentService, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2023-21317 was published Oct 30, 2023
Using iterative requests an attacker was able to learn the size of an opaque response, as well as... Moderate Unreviewed
CVE-2023-5722 was published Oct 25, 2023
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,... Moderate Unreviewed
CVE-2022-25332 was published Oct 19, 2023
A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All... Moderate Unreviewed
CVE-2023-43623 was published Oct 10, 2023
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software... Moderate Unreviewed
CVE-2023-44216 was published Sep 27, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this... Moderate Unreviewed
CVE-2023-4095 was published Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could... Moderate Unreviewed
CVE-2023-3221 was published Sep 4, 2023
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the... Moderate Unreviewed
CVE-2023-20569 was published Aug 8, 2023
A potential power side-channel vulnerability in AMD processors may allow an authenticated... Moderate Unreviewed
CVE-2023-20583 was published Aug 1, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2023-37217 was published Jul 30, 2023
User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to... Moderate Unreviewed
CVE-2023-3897 was published Jul 25, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated... Moderate Unreviewed
CVE-2023-20575 was published Jul 11, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed
CVE-2023-35698 was published Jul 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database