Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

332 advisories

Loading
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock... Moderate Unreviewed
CVE-2021-23998 was published May 24, 2022
Address bar search suggestions in private browsing mode were re-using session data from normal... Moderate Unreviewed
CVE-2021-29963 was published May 24, 2022
Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows... High Unreviewed
CVE-2021-33887 was published May 24, 2022
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The... High Unreviewed
CVE-2021-33712 was published May 24, 2022
wire-ios is the iOS version of Wire, an open-source secure messaging app. wire-ios versions 3.8.0... Moderate Unreviewed
CVE-2021-32665 was published May 24, 2022
Openstack Neutron has Insufficient Verification of IPv6 addresses High
CVE-2021-20267 was published for neutron (pip) May 24, 2022
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5... Critical Unreviewed
CVE-2020-28900 was published May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an... High Unreviewed
CVE-2020-24395 was published May 24, 2022
There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios,... Moderate Unreviewed
CVE-2021-22339 was published May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files... High Unreviewed
CVE-2021-29239 was published May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote... High Unreviewed
CVE-2021-21231 was published May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File... High Unreviewed
CVE-2021-31783 was published May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw... High Unreviewed
CVE-2021-20271 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-17426 was published May 24, 2022
** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown... Low Unreviewed
CVE-2021-3349 was published May 24, 2022
Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon (XEP... Critical Unreviewed
CVE-2020-26547 was published May 24, 2022
There is a improper privilege management vulnerability in some Huawei smartphone. Successful... Critical Unreviewed
CVE-2020-9141 was published May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is... High Unreviewed
CVE-2020-16122 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed
CVE-2020-27670 was published May 24, 2022
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing... Critical Unreviewed
CVE-2019-17006 was published May 24, 2022
An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional... Moderate Unreviewed
CVE-2020-9885 was published May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed
CVE-2020-26893 was published May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed
CVE-2020-1677 was published May 24, 2022
There is an information disclosure vulnerability in several smartphones. The device does not... Moderate Unreviewed
CVE-2020-9109 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API