GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,305 advisories
Filter by severity
In snoozeNotification of NotificationListenerService.java, there is a possible permission...
High
Unreviewed
CVE-2021-1019
was published
Dec 16, 2021
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a...
High
Unreviewed
CVE-2021-1027
was published
Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A
Critical
Unreviewed
CVE-2021-39644
was published
Dec 16, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of...
Moderate
Unreviewed
CVE-2021-39643
was published
Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A
Critical
Unreviewed
CVE-2021-39641
was published
Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A
Critical
Unreviewed
CVE-2021-39645
was published
Dec 16, 2021
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing...
High
Unreviewed
CVE-2021-39653
was published
Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A
Critical
Unreviewed
CVE-2021-39655
was published
Dec 16, 2021
Privilege escalation in the Sulu Admin panel
High
CVE-2021-43835
was published
for
sulu/sulu
(Composer)
Dec 15, 2021
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers...
High
Unreviewed
CVE-2021-3376
was published
Dec 15, 2021
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when...
High
Unreviewed
CVE-2021-38950
was published
Dec 15, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14...
Moderate
Unreviewed
CVE-2021-39931
was published
Dec 14, 2021
A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all...
High
Unreviewed
CVE-2021-39937
was published
Dec 14, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14...
High
Unreviewed
CVE-2021-39944
was published
Dec 14, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Moderate
Unreviewed
CVE-2021-38926
was published
Dec 10, 2021
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below...
High
Unreviewed
CVE-2021-26110
was published
Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021...
Low
Unreviewed
CVE-2021-25513
was published
Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25515
was published
Dec 9, 2021
Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows...
Moderate
Unreviewed
CVE-2021-25526
was published
Dec 9, 2021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may...
High
Unreviewed
CVE-2021-41021
was published
Dec 9, 2021
APM Java Agent Local Privilege Escalation
High
CVE-2021-37941
was published
for
elastic-apm
(pip)
Dec 9, 2021
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution...
Moderate
Unreviewed
CVE-2021-43528
was published
Dec 9, 2021
Improper Privilege Management in devise_masquerade
High
CVE-2021-28680
was published
for
devise_masquerade
(RubyGems)
Dec 8, 2021
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using...
Critical
Unreviewed
CVE-2021-42128
was published
Dec 8, 2021
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone...
High
Unreviewed
CVE-2021-37091
was published
Dec 8, 2021
ProTip!
Advisories are also available from the
GraphQL API