Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,012
Erlang
29
GitHub Actions
16
Go
1,805
Maven
5,000+
npm
3,553
NuGet
630
pip
3,148
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

978 advisories

Loading
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of... High Unreviewed
CVE-2021-36723 was published Dec 30, 2021
An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files... High Unreviewed
CVE-2020-20948 was published Dec 28, 2021
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This... Moderate Unreviewed
CVE-2021-45494 was published Dec 27, 2021
Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed
CVE-2021-38009 was published Dec 24, 2021
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted... High Unreviewed
CVE-2021-20050 was published Dec 24, 2021
This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6,... Moderate Unreviewed
CVE-2019-8702 was published Dec 24, 2021
A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse... Moderate Unreviewed
CVE-2021-21878 was published Dec 23, 2021
Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g.... Critical Unreviewed
CVE-2021-44676 was published Dec 21, 2021
Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of... Critical Unreviewed
CVE-2021-44525 was published Dec 21, 2021
Insecure permissions on user namespace / fakeroot temporary rootfs in Singularity High
CVE-2020-25039 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
xman
Malicious Atomix node queries expose sensitive information Moderate
CVE-2020-35215 was published for io.atomix:atomix (Maven) Dec 17, 2021
KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the... Moderate Unreviewed
CVE-2021-45097 was published Dec 17, 2021
An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2.... High Unreviewed
CVE-2021-45101 was published Dec 17, 2021
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search Critical
CVE-2021-23264 was published for org.craftercms:crafter-search (Maven) Dec 16, 2021
Visual Basic for Applications Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-42295 was published Dec 16, 2021
Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-43216 was published Dec 16, 2021
Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-43222 was published Dec 16, 2021
Windows Common Log File System Driver Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-43224 was published Dec 16, 2021
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2021-43227 was published Dec 16, 2021
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2021-43235 was published Dec 16, 2021
Microsoft Defender for IoT Information Disclosure Vulnerability High Unreviewed
CVE-2021-43888 was published Dec 16, 2021
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted... Moderate Unreviewed
CVE-2021-0966 was published Dec 16, 2021
In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to... Low Unreviewed
CVE-2021-0978 was published Dec 16, 2021
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible... Low Unreviewed
CVE-2021-0982 was published Dec 16, 2021
In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information... Moderate Unreviewed
CVE-2021-0986 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API