GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
101,583 advisories
Filter by severity
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0...
Moderate
Unreviewed
CVE-2021-38000
was published
Nov 24, 2021
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a...
Moderate
Unreviewed
CVE-2021-38004
was published
Nov 24, 2021
Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a...
Moderate
Unreviewed
CVE-2021-37999
was published
Nov 24, 2021
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,...
Moderate
Unreviewed
CVE-2021-38980
was published
Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local...
Moderate
Unreviewed
CVE-2021-36333
was published
Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A...
Moderate
Unreviewed
CVE-2021-36334
was published
Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection...
Moderate
Unreviewed
CVE-2021-36332
was published
Nov 24, 2021
The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing...
Moderate
Unreviewed
CVE-2021-24894
was published
Nov 24, 2021
The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.39 does not escape the ic...
Moderate
Unreviewed
CVE-2021-24875
was published
Nov 24, 2021
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a...
Moderate
Unreviewed
CVE-2021-31852
was published
Nov 24, 2021
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid...
Moderate
Unreviewed
CVE-2021-24729
was published
Nov 24, 2021
The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link...
Moderate
Unreviewed
CVE-2021-24812
was published
Nov 24, 2021
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This...
Moderate
Unreviewed
CVE-2021-21561
was published
Nov 24, 2021
The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings...
Moderate
Unreviewed
CVE-2021-24830
was published
Nov 24, 2021
The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the...
Moderate
Unreviewed
CVE-2021-24703
was published
Nov 24, 2021
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of...
Moderate
Unreviewed
CVE-2021-37023
was published
Nov 24, 2021
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is...
Moderate
Unreviewed
CVE-2021-22356
was published
Nov 24, 2021
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and...
Moderate
Unreviewed
CVE-2021-37036
was published
Nov 24, 2021
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted...
Moderate
Unreviewed
CVE-2021-43268
was published
Nov 25, 2021
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI...
Moderate
Unreviewed
CVE-2021-20844
was published
Nov 25, 2021
Cross-site scripting vulnerability in Booking Package - Appointment Booking Calendar System...
Moderate
Unreviewed
CVE-2021-20840
was published
Nov 25, 2021
Azure Active Directory Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2021-42306
was published
Nov 25, 2021
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2021-43221
was published
Nov 25, 2021
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome...
Moderate
Unreviewed
CVE-2021-36919
was published
Nov 27, 2021
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message...
Moderate
Unreviewed
CVE-2021-44225
was published
Nov 27, 2021
ProTip!
Advisories are also available from the
GraphQL API