Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,799 advisories

Loading
Use After Free in node.js Critical Unreviewed
CVE-2021-22930 was published Oct 8, 2021
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution. Critical Unreviewed
CVE-2021-32234 was published Nov 17, 2021
Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target... Critical Unreviewed
CVE-2021-42114 was published Nov 17, 2021
A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000,... Critical Unreviewed
CVE-2021-41435 was published Nov 20, 2021
Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP... Critical Unreviewed
CVE-2021-37592 was published Nov 20, 2021
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass... Critical Unreviewed
CVE-2021-36320 was published Nov 21, 2021
A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a... Critical Unreviewed
CVE-2021-44143 was published Nov 23, 2021
Using the parameter of getPFXFolderList function, attackers can see the information of... Critical Unreviewed
CVE-2020-7882 was published Nov 23, 2021
Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to... Critical Unreviewed
CVE-2021-42785 was published Nov 24, 2021
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker... Critical Unreviewed
CVE-2021-38002 was published Nov 24, 2021
Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR... Critical Unreviewed
CVE-2021-42783 was published Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A... Critical Unreviewed
CVE-2021-36312 was published Nov 24, 2021
There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation... Critical Unreviewed
CVE-2021-37022 was published Nov 24, 2021
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is... Critical Unreviewed
CVE-2021-36916 was published Nov 25, 2021
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability... Critical Unreviewed
CVE-2021-22049 was published Nov 25, 2021
Gin-Vue-Admin before 2.4.6 mishandles a SQL database. Critical Unreviewed
CVE-2021-44219 was published Nov 26, 2021
HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows... Critical Unreviewed
CVE-2021-26611 was published Nov 27, 2021
A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited,... Critical Unreviewed
CVE-2021-38685 was published Nov 27, 2021
An unspecified version of tripexpress is affected by a path manipulation vulnerability in file... Critical Unreviewed
CVE-2021-43691 was published Nov 30, 2021
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not... Critical Unreviewed
CVE-2021-24915 was published Nov 30, 2021
vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php. Critical Unreviewed
CVE-2021-43693 was published Nov 30, 2021
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration... Critical Unreviewed
CVE-2021-36330 was published Dec 1, 2021
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection... Critical Unreviewed
CVE-2021-43319 was published Dec 1, 2021
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It... Critical Unreviewed
CVE-2020-7879 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API