Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

567 advisories

Loading
Windows Common Log File System Driver Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-43224 was published Dec 16, 2021
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2021-43227 was published Dec 16, 2021
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2021-43235 was published Dec 16, 2021
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted... Moderate Unreviewed
CVE-2021-0966 was published Dec 16, 2021
In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information... Moderate Unreviewed
CVE-2021-0986 was published Dec 16, 2021
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory... Moderate Unreviewed
CVE-2021-39648 was published Dec 16, 2021
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from... Moderate Unreviewed
CVE-2021-39915 was published Dec 14, 2021
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to... Moderate Unreviewed
CVE-2021-38931 was published Dec 10, 2021
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will... Moderate Unreviewed
CVE-2021-38505 was published Dec 9, 2021
Under certain circumstances, asynchronous functions could have caused a navigation to fail but... Moderate Unreviewed
CVE-2021-43536 was published Dec 9, 2021
An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise... Moderate Unreviewed
CVE-2021-29115 was published Dec 8, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Samba file... Moderate Unreviewed
CVE-2021-43039 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could... Moderate Unreviewed
CVE-2021-43043 was published Dec 7, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a... Moderate Unreviewed
CVE-2021-29719 was published Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter... Moderate Unreviewed
CVE-2021-29867 was published Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application... Moderate Unreviewed
CVE-2021-29716 was published Dec 4, 2021
Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42116 was published Dec 1, 2021
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message... Moderate Unreviewed
CVE-2021-44225 was published Nov 27, 2021
Azure Active Directory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-42306 was published Nov 25, 2021
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a... Moderate Unreviewed
CVE-2021-38004 was published Nov 24, 2021
Apache Ozone exposes OM, SCM and Datanode metadata Moderate
CVE-2021-41532 was published for org.apache.ozone:ozone-main (Maven) Nov 23, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not... Moderate Unreviewed
CVE-2021-42744 was published Nov 20, 2021
PSP protection against improperly configured side channels may lead to potential information... Moderate Unreviewed
CVE-2021-26312 was published Nov 17, 2021
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of... Moderate Unreviewed
CVE-2021-26327 was published Nov 17, 2021
Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API Moderate
CVE-2021-39184 was published for electron (npm) Oct 12, 2021
nornagon
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database