GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
5,154 advisories
When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in...
Moderate, Unreviewed. CVE-2021-42070 was published Dec 15, 2021

There is an Input verification vulnerability in Huawei Smartphone. Successful exploitation of this...
Moderate, Unreviewed. CVE-2021-37039 was published Dec 9, 2021

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s...
Moderate, Unreviewed. CVE-2021-42121 was published Dec 1, 2021

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s...
Moderate, Unreviewed. CVE-2021-42122 was published Dec 1, 2021

A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image...
Moderate, Unreviewed. CVE-2021-3802 was published Nov 30, 2021

The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing...
Moderate, Unreviewed. CVE-2021-24894 was published Nov 24, 2021

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0...
Moderate, Unreviewed. CVE-2021-38000 was published Nov 24, 2021

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection...
Moderate, Unreviewed. CVE-2021-36322 was published Nov 21, 2021

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a...
Moderate, Unreviewed. CVE-2021-0158 was published Nov 18, 2021

Misconfigured IP address field in ROA leads to OctoRPKI crash
Moderate. CVE-2021-3911 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021

Unexpected panics in num-bigint
Moderate. GHSA-v935-pqmr-g8v9 was published for num-bigint (Rust) Nov 3, 2021

Geth Node Vulnerable to DoS via maliciously crafted p2p message
Moderate. CVE-2021-41173 was published for github.com/ethereum/go-ethereum (Go) Oct 25, 2021

Email relay in Apache Traffic Control
Moderate. CVE-2021-42009 was published for github.com/apache/trafficcontrol (Go) Oct 13, 2021

Denial of service in DataCommunicator class in Vaadin 8
Moderate. CVE-2021-33609 was published for com.vaadin:vaadin-server (Maven) Oct 13, 2021

Validity check missing in Frontier
Moderate. CVE-2021-41138 was published for pallet-ethereum (Rust) Oct 13, 2021

Improper Input Validation in OpenCV
Moderate. CVE-2016-1517 was published for opencv-contrib-python (pip) Oct 12, 2021

Code injection in Kubernetes Java Client
Moderate. CVE-2021-25738 was published for io.kubernetes:client-java (Maven) Oct 12, 2021

Improper Input Validation in Jakarta Expression Language
Moderate. CVE-2021-28170 was published for com.sun.el:el-ri (Maven) Oct 6, 2021

HTTP Host Header Injection
Moderate. CVE-2021-41114 was published for typo3/cms (Composer) Oct 5, 2021

Transaction validity oversight in pallet-ethereum
Moderate. CVE-2021-39193 was published for pallet-ethereum (Rust) Sep 1, 2021

Manipulation of product reviews via API
Moderate. CVE-2021-37707 was published for shopware/core (Composer) Aug 30, 2021

Unexpected panic when decoding tokens in branca
Moderate. CVE-2020-35918 was published for branca (Rust) Aug 25, 2021

Incomplete validation in `MaxPoolGrad`
Moderate. CVE-2021-37674 was published for tensorflow (pip) Aug 25, 2021

Missing validation in shape inference for `Dequantize`
Moderate. CVE-2021-37677 was published for tensorflow (pip) Aug 25, 2021