GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
720 advisories
Filter by severity
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)...
High
Unreviewed
CVE-2021-33118
was published
Nov 18, 2021
Insufficient security control vulnerability in internal database access mechanism of Hitachi...
High
Unreviewed
CVE-2021-35534
was published
Nov 19, 2021
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ...
High
Unreviewed
CVE-2021-20835
was published
Nov 25, 2021
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control...
High
Unreviewed
CVE-2021-43771
was published
Dec 1, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
High
Unreviewed
CVE-2021-20864
was published
Dec 2, 2021
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login...
High
Unreviewed
CVE-2021-24917
was published
Dec 7, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of...
High
Unreviewed
CVE-2021-37038
was published
Dec 8, 2021
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42126
was published
Dec 8, 2021
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42124
was published
Dec 8, 2021
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an...
High
Unreviewed
CVE-2021-42758
was published
Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
High
Unreviewed
CVE-2021-29678
was published
Dec 10, 2021
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has...
High
Unreviewed
CVE-2021-41805
was published
Dec 13, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire...
High
Unreviewed
CVE-2021-43051
was published
Dec 15, 2021
An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When...
High
Unreviewed
CVE-2021-45102
was published
Dec 17, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam...
High
Unreviewed
CVE-2021-44877
was published
Dec 22, 2021
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does...
High
Unreviewed
CVE-2021-23175
was published
Dec 24, 2021
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed...
High
Unreviewed
CVE-2021-38017
was published
Dec 24, 2021
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45...
High
Unreviewed
CVE-2021-38016
was published
Dec 24, 2021
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user...
High
Unreviewed
CVE-2021-45379
was published
Dec 31, 2021
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file...
High
Unreviewed
CVE-2021-44586
was published
Jan 11, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app...
High
Unreviewed
CVE-2022-22288
was published
Jan 11, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High
Unreviewed
CVE-2021-28507
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28500
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28501
was published
Jan 15, 2022
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to...
High
Unreviewed
CVE-2020-14110
was published
Jan 19, 2022
ProTip!
Advisories are also available from the
GraphQL API