Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,047 advisories

Loading
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager... Critical Unreviewed
CVE-2021-25140 was published May 24, 2022
SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required... Critical Unreviewed
CVE-2021-21477 was published May 24, 2022
Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote... Critical Unreviewed
CVE-2021-21142 was published May 24, 2022
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker... Critical Unreviewed
CVE-2021-21146 was published May 24, 2022
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote... Critical Unreviewed
CVE-2021-21132 was published May 24, 2022
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96... Critical Unreviewed
CVE-2021-21124 was published May 24, 2022
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote... Critical Unreviewed
CVE-2021-21121 was published May 24, 2022
Deleting users with certain names caused system files to be deleted. Risk is higher for systems... Critical Unreviewed
CVE-2020-28645 was published May 24, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All... Critical Unreviewed
CVE-2020-15798 was published May 24, 2022
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back... Critical Unreviewed
CVE-2020-13408 was published May 24, 2022
Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to... Critical Unreviewed
CVE-2020-13117 was published May 24, 2022
A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows... Critical Unreviewed
CVE-2019-17582 was published May 24, 2022
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back... Critical Unreviewed
CVE-2020-13409 was published May 24, 2022
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back... Critical Unreviewed
CVE-2020-13407 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26915 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26914 was published May 24, 2022
wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php... Critical Unreviewed
CVE-2021-26754 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26913 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26912 was published May 24, 2022
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is... Critical Unreviewed
CVE-2021-26530 was published May 24, 2022
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS... Critical Unreviewed
CVE-2021-26529 was published May 24, 2022
The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB... Critical Unreviewed
CVE-2021-26528 was published May 24, 2022
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,... Critical Unreviewed
CVE-2021-22502 was published May 24, 2022
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and... Critical Unreviewed
CVE-2020-6649 was published May 24, 2022
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection... Critical Unreviewed
CVE-2020-11920 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database