GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,096
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,654
NuGet: 638
pip: 3,263
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,047 advisories
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager...
Critical | Unreviewed | CVE-2021-25140 was published May 24, 2022

SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required...
Critical | Unreviewed | CVE-2021-21477 was published May 24, 2022

Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote...
Critical | Unreviewed | CVE-2021-21142 was published May 24, 2022

Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker...
Critical | Unreviewed | CVE-2021-21146 was published May 24, 2022

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote...
Critical | Unreviewed | CVE-2021-21132 was published May 24, 2022

Potential use after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96...
Critical | Unreviewed | CVE-2021-21124 was published May 24, 2022

Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote...
Critical | Unreviewed | CVE-2021-21121 was published May 24, 2022

Deleting users with certain names caused system files to be deleted. Risk is higher for systems...
Critical | Unreviewed | CVE-2020-28645 was published May 24, 2022

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All...
Critical | Unreviewed | CVE-2020-15798 was published May 24, 2022

Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back...
Critical | Unreviewed | CVE-2020-13408 was published May 24, 2022

Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to...
Critical | Unreviewed | CVE-2020-13117 was published May 24, 2022

A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows...
Critical | Unreviewed | CVE-2019-17582 was published May 24, 2022

Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back...
Critical | Unreviewed | CVE-2020-13409 was published May 24, 2022

Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back...
Critical | Unreviewed | CVE-2020-13407 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to...
Critical | Unreviewed | CVE-2021-26915 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to...
Critical | Unreviewed | CVE-2021-26914 was published May 24, 2022

wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php...
Critical | Unreviewed | CVE-2021-26754 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to...
Critical | Unreviewed | CVE-2021-26913 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to...
Critical | Unreviewed | CVE-2021-26912 was published May 24, 2022

The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is...
Critical | Unreviewed | CVE-2021-26530 was published May 24, 2022

The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS...
Critical | Unreviewed | CVE-2021-26529 was published May 24, 2022

The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB...
Critical | Unreviewed | CVE-2021-26528 was published May 24, 2022

Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,...
Critical | Unreviewed | CVE-2021-22502 was published May 24, 2022

An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and...
Critical | Unreviewed | CVE-2020-6649 was published May 24, 2022

An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection...
Critical | Unreviewed | CVE-2020-11920 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.