Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,680
Erlang
29
GitHub Actions
16
Go
1,707
Maven
4,940
npm
3,473
NuGet
603
pip
2,993
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

92,722 advisories

In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI... High Unreviewed
CVE-2023-21139 was published Jun 15, 2023
In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or... High Unreviewed
CVE-2023-21144 was published Jun 15, 2023
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier)... High Unreviewed
CVE-2023-29297 was published Jun 15, 2023
In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use... High Unreviewed
CVE-2023-21108 was published Jun 15, 2023
In multiple functions of cdm_engine.cpp, there is a possible use-after-free due to improper... High Unreviewed
CVE-2023-21120 was published Jun 15, 2023
In multiple functions of multiple files, there is a possible way to bypass the... High Unreviewed
CVE-2023-21123 was published Jun 15, 2023
In various functions of various files, there is a possible way to bypass the... High Unreviewed
CVE-2023-21122 was published Jun 15, 2023
In run of multiple files, there is a possible escalation of privilege due to unsafe... High Unreviewed
CVE-2023-21124 was published Jun 15, 2023
In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a... High Unreviewed
CVE-2023-21129 was published Jun 15, 2023
In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch... High Unreviewed
CVE-2023-21126 was published Jun 15, 2023
In various functions of AppStandbyController.java, there is a possible way to break manageability... High Unreviewed
CVE-2023-21128 was published Jun 15, 2023
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist... High Unreviewed
CVE-2023-21135 was published Jun 15, 2023
In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race... High Unreviewed
CVE-2023-21101 was published Jun 15, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type... High Unreviewed
CVE-2023-21115 was published Jun 15, 2023
In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass... High Unreviewed
CVE-2023-21131 was published Jun 15, 2023
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due... High Unreviewed
CVE-2023-21138 was published Jun 15, 2023
In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to... High Unreviewed
CVE-2023-21127 was published Jun 15, 2023
In onResume of AppManagementFragment.java, there is a possible way to prevent users from... High Unreviewed
CVE-2023-21121 was published Jun 15, 2023
snappy-java's unchecked chunk length leads to DoS High
CVE-2023-34455 was published for org.xerial.snappy:snappy-java (Maven) Jun 15, 2023
srmish-jfrog
Cross-Site Request Forgery (CSRF) vulnerability allows arbitrary file upload in Shingo... High Unreviewed
CVE-2023-27634 was published Jun 15, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos... High Unreviewed
CVE-2023-25055 was published Jun 15, 2023
HuTool XML parsing module has blind XXE vulnerability High
CVE-2023-3276 was published for cn.hutool:hutool-core (Maven) Jun 15, 2023
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 )... High Unreviewed
CVE-2023-23802 was published Jun 15, 2023
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and... High Unreviewed
CVE-2023-25450 was published Jun 15, 2023
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote... High Unreviewed
CVE-2023-28175 was published Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API