GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories (all reviewed: 5,000+), by ecosystem: Composer 3,985; Erlang 29; GitHub Actions 16; Go 1,774; Maven 5,000; npm 3,541; NuGet 617; pip 3,123; Pub 10; RubyGems 838; Rust 790; Swift 34
Unreviewed advisories (all unreviewed: 5,000+)
87,692 advisories
CVE-2021-37033 (High, Unreviewed, published Nov 24, 2021): There is an Injection attack vulnerability in Huawei Smartphone. Successful exploitation of this...
CVE-2021-37010 (High, Unreviewed, published Nov 24, 2021): There is an Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei...
CVE-2021-37017 (High, Unreviewed, published Nov 24, 2021): There is an Improper Input Validation vulnerability in Huawei Smartphone. Successful exploitation...
CVE-2021-37019 (High, Unreviewed, published Nov 24, 2021): There is an Improper Input Validation vulnerability in Huawei Smartphone. Successful exploitation...
CVE-2021-37006 (High, Unreviewed, published Nov 24, 2021): There is an Improper Preservation of Permissions vulnerability in Huawei Smartphone. Successful...
CVE-2021-37004 (High, Unreviewed, published Nov 24, 2021): There is an Improper Input Validation vulnerability in Huawei Smartphone. Successful exploitation...
CVE-2021-21980 (High, Unreviewed, published Nov 25, 2021): The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A...
CVE-2021-34424 (High, Unreviewed, published Nov 25, 2021): A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS,...
CVE-2021-3552 (High, Unreviewed, published Nov 25, 2021): A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of...
CVE-2021-36917 (High, Unreviewed, published Nov 25, 2021): WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user....
CVE-2021-20845 (High, Unreviewed, published Nov 25, 2021): Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap Generator versions prior to...
CVE-2021-20835 (High, Unreviewed, published Nov 25, 2021): Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ...
CVE-2021-28708 (High, Unreviewed, published Nov 25, 2021): PoD operations on misaligned GFNs [This CNA information record relates to multiple CVEs; the text...
CVE-2021-43220 (High, Unreviewed, published Nov 25, 2021): Microsoft Edge for iOS Spoofing Vulnerability
CVE-2021-28704 (High, Unreviewed, published Nov 25, 2021): PoD operations on misaligned GFNs [This CNA information record relates to multiple CVEs; the text...
CVE-2021-28707 (High, Unreviewed, published Nov 25, 2021): PoD operations on misaligned GFNs [This CNA information record relates to multiple CVEs; the text...
CVE-2021-42297 (High, Unreviewed, published Nov 25, 2021): Windows 10 Update Assistant Elevation of Privilege Vulnerability. This CVE ID is unique from CVE...
CVE-2021-35533 (High, Unreviewed, published Nov 27, 2021): Improper Input Validation vulnerability in the APDU parser in the Bidirectional Communication...
CVE-2020-7881 (High, Unreviewed, published Nov 27, 2021): The vulnerability function is enabled when the streamer service related to the AfreecaTV...
CVE-2021-36807 (High, Unreviewed, published Nov 27, 2021): An authenticated user could potentially execute code via an SQLi vulnerability in the user portal...
CVE-2021-44094 (High, Unreviewed, published Nov 29, 2021): ZrLog 2.2.2 has a remote command execution vulnerability at plugin download function, it could...
CVE-2021-34800 (High, Unreviewed, published Nov 30, 2021): Sensitive information could be logged. The following products are affected: Acronis Agent ...
CVE-2021-42364 (High, Unreviewed, published Nov 30, 2021): The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce...
CVE-2021-44198 (High, Unreviewed, published Nov 30, 2021): DLL hijacking could lead to local privilege escalation. The following products are affected:...
CVE-2021-42358 (High, Unreviewed, published Nov 30, 2021): The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to...