GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
839 advisories
Filter by severity
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of...
Moderate
Unreviewed
CVE-2021-26327
was published
Nov 17, 2021
PSP protection against improperly configured side channels may lead to potential information...
Moderate
Unreviewed
CVE-2021-26312
was published
Nov 17, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not...
Moderate
Unreviewed
CVE-2021-42744
was published
Nov 20, 2021
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure...
Low
Unreviewed
CVE-2021-36319
was published
Nov 21, 2021
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a...
Moderate
Unreviewed
CVE-2021-38004
was published
Nov 24, 2021
A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS,...
High
Unreviewed
CVE-2021-34424
was published
Nov 25, 2021
WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user....
High
Unreviewed
CVE-2021-36917
was published
Nov 25, 2021
Azure Active Directory Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2021-42306
was published
Nov 25, 2021
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message...
Moderate
Unreviewed
CVE-2021-44225
was published
Nov 27, 2021
Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s...
Moderate
Unreviewed
CVE-2021-42116
was published
Dec 1, 2021
Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts...
High
Unreviewed
CVE-2021-23263
was published
Dec 3, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application...
Moderate
Unreviewed
CVE-2021-29716
was published
Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter...
Moderate
Unreviewed
CVE-2021-29867
was published
Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a...
Moderate
Unreviewed
CVE-2021-29719
was published
Dec 4, 2021
** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is affected by a path manipulation...
Critical
Unreviewed
CVE-2021-43674
was published
Dec 4, 2021
Successful exploitation of this vulnerability could allow an unauthorized user to access...
High
Unreviewed
CVE-2021-36198
was published
Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could...
Moderate
Unreviewed
CVE-2021-43043
was published
Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Samba file...
Moderate
Unreviewed
CVE-2021-43039
was published
Dec 7, 2021
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before...
High
Unreviewed
CVE-2021-40288
was published
Dec 8, 2021
An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise...
Moderate
Unreviewed
CVE-2021-29115
was published
Dec 8, 2021
Under certain circumstances, asynchronous functions could have caused a navigation to fail but...
Moderate
Unreviewed
CVE-2021-43536
was published
Dec 9, 2021
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will...
Moderate
Unreviewed
CVE-2021-38505
was published
Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25515
was published
Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to...
Moderate
Unreviewed
CVE-2021-38931
was published
Dec 10, 2021
IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using...
High
Unreviewed
CVE-2021-20373
was published
Dec 10, 2021
ProTip!
Advisories are also available from the
GraphQL API