Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
58
GitHub Actions
50
Go
3,799
Maven
5,000+
npm
5,000+
NuGet
938
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,351
Swift
54
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15 advisories

Loading
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to... Moderate Unreviewed
CVE-2018-12182 was published May 14, 2022
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0... Moderate Unreviewed
CVE-2018-16598 was published May 14, 2022
In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to... Moderate Unreviewed
CVE-2023-21082 was published Apr 19, 2023
Unintended proxy or intermediary ('Confused Deputy') issue exists in HMI ViewJet C-more series... Moderate Unreviewed
CVE-2025-25061 was published Apr 4, 2025
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11... Moderate Unreviewed
CVE-2024-9870 was published Feb 12, 2025
In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data... Moderate Unreviewed
CVE-2025-48529 was published Sep 4, 2025
In isSystemUid of AccountManagerService.java, there is a possible way for an app to access... Moderate Unreviewed
CVE-2025-48545 was published Sep 4, 2025
In multiple locations, there is a possible leak of an image across the Android User isolation... Moderate Unreviewed
CVE-2025-48551 was published Sep 4, 2025
In AndroidManifest.xml, there is a possible way for an app to monitor motion events due to a... Moderate Unreviewed
CVE-2025-48560 was published Sep 4, 2025
In App Widget, there is a possible Information Disclosure due to a confused deputy. This could... Moderate Unreviewed
CVE-2025-32317 was published Sep 5, 2025
In multiple locations, there is a possible way to alter the primary user's face unlock settings... Moderate Unreviewed
CVE-2025-48598 was published Dec 8, 2025
In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused... Moderate Unreviewed
CVE-2025-36889 was published Dec 11, 2025
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users... Moderate Unreviewed
CVE-2024-0387 was published Feb 26, 2024
OpenClaw versions 2026.4.5 before 2026.4.20 contain an environment variable injection... Moderate Unreviewed
CVE-2026-44992 was published May 11, 2026
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for... Moderate Unreviewed
CVE-2026-45003 was published May 11, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database