GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,370 advisories

Filter by severity

Sort by

Least recently updated

IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when... High Unreviewed

CVE-2021-38950 was published Dec 15, 2021

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14... Moderate Unreviewed

CVE-2021-39931 was published Dec 14, 2021

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all... High Unreviewed

CVE-2021-39937 was published Dec 14, 2021

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14... High Unreviewed

CVE-2021-39944 was published Dec 14, 2021

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed

CVE-2021-38926 was published Dec 10, 2021

An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below... High Unreviewed

CVE-2021-26110 was published Dec 9, 2021

An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021... Low Unreviewed

CVE-2021-25513 was published Dec 9, 2021

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed

CVE-2021-25515 was published Dec 9, 2021

Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows... Moderate Unreviewed

CVE-2021-25526 was published Dec 9, 2021

A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may... High Unreviewed

CVE-2021-41021 was published Dec 9, 2021

APM Java Agent Local Privilege Escalation High

CVE-2021-37941 was published for elastic-apm (pip) Dec 9, 2021

Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution... Moderate Unreviewed

CVE-2021-43528 was published Dec 9, 2021

Improper Privilege Management in devise_masquerade High

CVE-2021-28680 was published for devise_masquerade (RubyGems) Dec 8, 2021

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed

CVE-2021-42128 was published Dec 8, 2021

There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... High Unreviewed

CVE-2021-37091 was published Dec 8, 2021

Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not... Critical Unreviewed

CVE-2021-38759 was published Dec 8, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file... High Unreviewed

CVE-2021-43034 was published Dec 7, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged... High Unreviewed

CVE-2021-43040 was published Dec 7, 2021

When a user has admin rights in Serv-U Console, the user can move, create and delete any files... Moderate Unreviewed

CVE-2021-35245 was published Dec 7, 2021

An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could... High Unreviewed

CVE-2021-44019 was published Dec 4, 2021

An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could... High Unreviewed

CVE-2021-44020 was published Dec 4, 2021

An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could... High Unreviewed

CVE-2021-44021 was published Dec 4, 2021

The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs... Critical Unreviewed

CVE-2021-26334 was published Dec 2, 2021

Improper Privilege Management in Concrete CMS High

CVE-2021-22966 was published for concrete5/core (Composer) Nov 23, 2021

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address... High Unreviewed

CVE-2021-28710 was published Nov 22, 2021

Previous 1 2 … 131 132 133 134 135 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,370 advisories