GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,831

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,383 advisories

Filter by severity

Sort by

Least recently updated

Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference... Moderate Unreviewed

CVE-2021-40756 was published Nov 19, 2021

It was discovered that on Windows operating systems specifically, Kibana was not validating a... Moderate Unreviewed

CVE-2021-37938 was published Nov 19, 2021

The "WPO365 | LOGIN" WordPress plugin (up to and including version 15.3) by wpo365.com is... Moderate Unreviewed

CVE-2021-43409 was published Nov 20, 2021

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector... Moderate Unreviewed

CVE-2021-40131 was published Nov 20, 2021

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A... Moderate Unreviewed

CVE-2021-36340 was published Nov 21, 2021

Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability... Moderate Unreviewed

CVE-2021-40774 was published Nov 23, 2021

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0... Moderate Unreviewed

CVE-2021-38000 was published Nov 24, 2021

Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection... Moderate Unreviewed

CVE-2021-36332 was published Nov 24, 2021

A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a... Moderate Unreviewed

CVE-2021-31852 was published Nov 24, 2021

The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link... Moderate Unreviewed

CVE-2021-24812 was published Nov 24, 2021

Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This... Moderate Unreviewed

CVE-2021-21561 was published Nov 24, 2021

The WP RSS Aggregator WordPress plugin before 4.19.2 does not properly sanitise and escape the... Moderate Unreviewed

CVE-2021-24768 was published Nov 30, 2021

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the... Moderate Unreviewed

CVE-2019-8921 was published Nov 30, 2021

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference... Moderate Unreviewed

CVE-2021-36329 was published Dec 1, 2021

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute... Moderate Unreviewed

CVE-2021-38967 was published Dec 1, 2021

The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site... Moderate Unreviewed

CVE-2021-43991 was published Dec 4, 2021

An information disclosure via GET request server-side request forgery vulnerability was... Moderate Unreviewed

CVE-2021-37940 was published Dec 8, 2021

There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... Moderate Unreviewed

CVE-2021-37058 was published Dec 8, 2021

A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious... Moderate Unreviewed

CVE-2021-44527 was published Dec 8, 2021

A DOM-based XSS vulnerability affects SquaredUp for SCOM 5.2.1.6654. If successfully exploited,... Moderate Unreviewed

CVE-2021-40094 was published Dec 8, 2021

A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server feature services versions... Moderate Unreviewed

CVE-2021-29116 was published Dec 8, 2021

A improper neutralization of input during web page generation ('cross-site scripting') in... Moderate Unreviewed

CVE-2021-42752 was published Dec 9, 2021

A improper neutralization of input during web page generation ('cross-site scripting') in... Moderate Unreviewed

CVE-2021-41029 was published Dec 9, 2021

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the... Moderate Unreviewed

CVE-2021-39054 was published Dec 14, 2021

The Shiny Buttons WordPress plugin through 1.1.0 does not have any authorisation and CSRF in... Moderate Unreviewed

CVE-2021-24792 was published Dec 14, 2021

Previous 1 2 3 4 5 … 215 216 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,383 advisories