Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

101,583 advisories

Loading
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0... Moderate Unreviewed
CVE-2021-38000 was published Nov 24, 2021
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a... Moderate Unreviewed
CVE-2021-38004 was published Nov 24, 2021
Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a... Moderate Unreviewed
CVE-2021-37999 was published Nov 24, 2021
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,... Moderate Unreviewed
CVE-2021-38980 was published Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local... Moderate Unreviewed
CVE-2021-36333 was published Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A... Moderate Unreviewed
CVE-2021-36334 was published Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection... Moderate Unreviewed
CVE-2021-36332 was published Nov 24, 2021
The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing... Moderate Unreviewed
CVE-2021-24894 was published Nov 24, 2021
The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.39 does not escape the ic... Moderate Unreviewed
CVE-2021-24875 was published Nov 24, 2021
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a... Moderate Unreviewed
CVE-2021-31852 was published Nov 24, 2021
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid... Moderate Unreviewed
CVE-2021-24729 was published Nov 24, 2021
The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link... Moderate Unreviewed
CVE-2021-24812 was published Nov 24, 2021
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This... Moderate Unreviewed
CVE-2021-21561 was published Nov 24, 2021
The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings... Moderate Unreviewed
CVE-2021-24830 was published Nov 24, 2021
The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the... Moderate Unreviewed
CVE-2021-24703 was published Nov 24, 2021
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of... Moderate Unreviewed
CVE-2021-37023 was published Nov 24, 2021
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is... Moderate Unreviewed
CVE-2021-22356 was published Nov 24, 2021
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed
CVE-2021-37036 was published Nov 24, 2021
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted... Moderate Unreviewed
CVE-2021-43268 was published Nov 25, 2021
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI... Moderate Unreviewed
CVE-2021-20844 was published Nov 25, 2021
Cross-site scripting vulnerability in Booking Package - Appointment Booking Calendar System... Moderate Unreviewed
CVE-2021-20840 was published Nov 25, 2021
Azure Active Directory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-42306 was published Nov 25, 2021
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2021-43221 was published Nov 25, 2021
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome... Moderate Unreviewed
CVE-2021-36919 was published Nov 27, 2021
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message... Moderate Unreviewed
CVE-2021-44225 was published Nov 27, 2021
ProTip! Advisories are also available from the GraphQL API