GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
332 advisories
Filter by severity
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock...
Moderate
Unreviewed
CVE-2021-23998
was published
May 24, 2022
Address bar search suggestions in private browsing mode were re-using session data from normal...
Moderate
Unreviewed
CVE-2021-29963
was published
May 24, 2022
Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows...
High
Unreviewed
CVE-2021-33887
was published
May 24, 2022
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The...
High
Unreviewed
CVE-2021-33712
was published
May 24, 2022
wire-ios is the iOS version of Wire, an open-source secure messaging app. wire-ios versions 3.8.0...
Moderate
Unreviewed
CVE-2021-32665
was published
May 24, 2022
Openstack Neutron has Insufficient Verification of IPv6 addresses
High
CVE-2021-20267
was published
for
neutron
(pip)
May 24, 2022
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5...
Critical
Unreviewed
CVE-2020-28900
was published
May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an...
High
Unreviewed
CVE-2020-24395
was published
May 24, 2022
There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios,...
Moderate
Unreviewed
CVE-2021-22339
was published
May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files...
High
Unreviewed
CVE-2021-29239
was published
May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote...
High
Unreviewed
CVE-2021-21231
was published
May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File...
High
Unreviewed
CVE-2021-31783
was published
May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw...
High
Unreviewed
CVE-2021-20271
was published
May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,...
High
Unreviewed
CVE-2021-1403
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-17426
was published
May 24, 2022
** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown...
Low
Unreviewed
CVE-2021-3349
was published
May 24, 2022
Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon (XEP...
Critical
Unreviewed
CVE-2020-26547
was published
May 24, 2022
There is a improper privilege management vulnerability in some Huawei smartphone. Successful...
Critical
Unreviewed
CVE-2020-9141
was published
May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is...
High
Unreviewed
CVE-2020-16122
was published
May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of...
High
Unreviewed
CVE-2020-27670
was published
May 24, 2022
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing...
Critical
Unreviewed
CVE-2019-17006
was published
May 24, 2022
An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional...
Moderate
Unreviewed
CVE-2020-9885
was published
May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed...
High
Unreviewed
CVE-2020-26893
was published
May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle...
High
Unreviewed
CVE-2020-1677
was published
May 24, 2022
There is an information disclosure vulnerability in several smartphones. The device does not...
Moderate
Unreviewed
CVE-2020-9109
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API