GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
847 advisories
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script...
High | Unreviewed | CVE-2021-41790 was published May 24, 2022

IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and...
High | Unreviewed | CVE-2021-29873 was published May 24, 2022

Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure...
High | Unreviewed | CVE-2021-22034 was published May 24, 2022

Accepting AMSDU frames with mismatched destination and source address can lead to information...
High | Unreviewed | CVE-2020-11303 was published May 24, 2022

Improper validation of kernel buffer address while copying information back to user buffer can...
Moderate | Unreviewed | CVE-2021-1969 was published May 24, 2022

Improper validation of kernel buffer address while copying information back to user buffer can...
Moderate | Unreviewed | CVE-2021-1968 was published May 24, 2022

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with...
Low | Unreviewed | CVE-2021-30815 was published May 24, 2022

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005...
Moderate | Unreviewed | CVE-2021-30828 was published May 24, 2022

An access issue was addressed with improved access restrictions. This issue is fixed in Security...
High | Unreviewed | CVE-2021-30850 was published May 24, 2022

Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are...
Moderate | Unreviewed | CVE-2021-27001 was published May 24, 2022

InBody App for iOS versions prior to 2.3.30 and InBody App for Android versions prior to 2.2.90...
Moderate | Unreviewed | CVE-2021-20832 was published May 24, 2022

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High | Unreviewed | CVE-2021-20123 was published May 24, 2022

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High | Unreviewed | CVE-2021-20124 was published May 24, 2022

Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframe\app...
High | Unreviewed | CVE-2020-28145 was published May 24, 2022

SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752...
Moderate | Unreviewed | CVE-2021-40496 was published May 24, 2022

SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to...
Moderate | Unreviewed | CVE-2021-40497 was published May 24, 2022

A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version...
Moderate | Unreviewed | CVE-2021-37734 was published May 24, 2022

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54...
Moderate | Unreviewed | CVE-2021-37965 was published May 24, 2022

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54...
Moderate | Unreviewed | CVE-2021-37968 was published May 24, 2022

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54...
Moderate | Unreviewed | CVE-2021-37967 was published May 24, 2022

Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote...
Moderate | Unreviewed | CVE-2021-30630 was published May 24, 2022

An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via...
Moderate | Unreviewed | CVE-2021-42087 was published May 24, 2022

waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form...
High | Unreviewed | CVE-2020-21503 was published May 24, 2022

A business logic error in the project deletion process in GitLab 13.6 and later allows persistent...
Moderate | Unreviewed | CVE-2021-39866 was published May 24, 2022

In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups...
Moderate | Unreviewed | CVE-2021-39884 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.