GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,133
Erlang: 29
GitHub Actions: 19
Go: 1,940
Maven: 5,000+
npm: 3,677
NuGet: 645
pip: 3,295
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
876 advisories
A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a...
Critical | Unreviewed | CVE-2021-44143 was published Nov 23, 2021
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is...
Critical | Unreviewed | CVE-2021-36916 was published Nov 25, 2021
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability...
Critical | Unreviewed | CVE-2021-22049 was published Nov 25, 2021
An improper input validation leading to arbitrary file creation was discovered in copy method of...
Critical | Unreviewed | CVE-2021-26612 was published Dec 1, 2021
An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44681 was published Dec 7, 2021
An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44682 was published Dec 7, 2021
An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44679 was published Dec 7, 2021
An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44678 was published Dec 7, 2021
An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44680 was published Dec 7, 2021
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44677 was published Dec 7, 2021
A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and...
Critical | Unreviewed | CVE-2021-24041 was published Dec 8, 2021
There is an Improper Input Validation vulnerability in Huawei Smartphone. Successful exploitation...
Critical | Unreviewed | CVE-2021-37084 was published Dec 8, 2021
National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected...
Critical | Unreviewed | CVE-2021-44556 was published Dec 9, 2021
National Library of the Netherlands multiNER <= c0440948057afc6e3d6b4903a7c05e666b94a3bc is...
Critical | Unreviewed | CVE-2021-44557 was published Dec 9, 2021
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass...
Critical | Unreviewed | CVE-2021-22057 was published Dec 21, 2021
Chain Sea ai chatbot system’s file upload function has insufficient filtering for special...
Critical | Unreviewed | CVE-2021-44164 was published Dec 21, 2021
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling...
Critical | Unreviewed | CVE-2021-40393 was published Dec 23, 2021
A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett...
Critical | Unreviewed | CVE-2021-21903 was published Dec 23, 2021
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior...
Critical | Unreviewed | CVE-2021-24042 was published Jan 5, 2022
In Teedy, versions v1.5 through v1.9 are vulnerable to Stored Cross-Site Scripting (XSS) in the...
Critical | Unreviewed | CVE-2022-22115 was published Jan 11, 2022
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful...
Critical | Unreviewed | CVE-2021-40010 was published Jan 11, 2022
In the case of instances where the SAML SSO authentication is enabled (non-default), session data...
Critical | Unreviewed | CVE-2022-23131 was published Jan 14, 2022
An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53...
Critical | Unreviewed | CVE-2021-44530 was published Jan 15, 2022
Imperva Web Application Firewall (WAF) before 2021-12-31 allows remote unauthenticated attackers...
Critical | Unreviewed | CVE-2021-45468 was published Jan 15, 2022
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can...
Critical | Unreviewed | CVE-2022-21817 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API.