Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,720 advisories

Loading
Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does... Moderate Unreviewed
CVE-2021-43548 was published Dec 28, 2021
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote... Moderate Unreviewed
CVE-2021-4059 was published Dec 24, 2021
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a... Moderate Unreviewed
CVE-2021-4068 was published Dec 24, 2021
In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This... Moderate Unreviewed
CVE-2021-0674 was published Dec 18, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could... Moderate Unreviewed
CVE-2021-0900 was published Dec 18, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could... Moderate Unreviewed
CVE-2021-0902 was published Dec 18, 2021
Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which... Moderate Unreviewed
CVE-2021-37863 was published Dec 18, 2021
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command... Moderate Unreviewed
CVE-2021-20330 was published Dec 16, 2021
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-42320. Moderate Unreviewed
CVE-2021-43242 was published Dec 16, 2021
When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in... Moderate Unreviewed
CVE-2021-42070 was published Dec 15, 2021
When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual... Moderate Unreviewed
CVE-2021-42068 was published Dec 15, 2021
When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted... Moderate Unreviewed
CVE-2021-42069 was published Dec 15, 2021
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this... Moderate Unreviewed
CVE-2021-37039 was published Dec 9, 2021
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42121 was published Dec 1, 2021
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42122 was published Dec 1, 2021
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image... Moderate Unreviewed
CVE-2021-3802 was published Nov 30, 2021
The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing... Moderate Unreviewed
CVE-2021-24894 was published Nov 24, 2021
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0... Moderate Unreviewed
CVE-2021-38000 was published Nov 24, 2021
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection... Moderate Unreviewed
CVE-2021-36322 was published Nov 21, 2021
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0158 was published Nov 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database