Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

674 advisories

Loading
CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2022-25498 was published Mar 16, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code... Critical Unreviewed
CVE-2021-42786 was published Mar 11, 2022
SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a... Critical Unreviewed
CVE-2022-26100 was published Mar 11, 2022
In certain situations it is possible for an unmanaged rule to exist on the target system that has... Critical Unreviewed
CVE-2022-0675 was published Mar 3, 2022
An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7... Critical Unreviewed
CVE-2021-32586 was published Mar 2, 2022
This issues due to insufficient verification of the various input values from user’s input. The... Critical Unreviewed
CVE-2021-26617 was published Feb 26, 2022
An improper input validation leading to arbitrary file creation was discovered in ToWord of... Critical Unreviewed
CVE-2021-26618 was published Feb 19, 2022
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript... Critical Unreviewed
CVE-2021-3781 was published Feb 17, 2022
Improper Input Validation in SPIP Critical Unreviewed
CVE-2020-28984 was published Feb 15, 2022
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to... Critical Unreviewed
CVE-2022-23425 was published Feb 12, 2022
There is a vulnerability of unstrict input parameter verification in the audio assembly... Critical Unreviewed
CVE-2021-39997 was published Feb 11, 2022
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which... Critical Unreviewed
CVE-2021-44734 was published Jan 21, 2022
Serv-U web login screen was allowing characters that were not sanitized by the authentication... Critical Unreviewed
CVE-2021-35247 was published Jan 11, 2022
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of... Critical Unreviewed
CVE-2021-37116 was published Jan 4, 2022
Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data. Critical Unreviewed
CVE-2021-41844 was published Dec 16, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute... Critical Unreviewed
CVE-2021-39065 was published Dec 14, 2021
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of... Critical Unreviewed
CVE-2021-37041 was published Dec 8, 2021
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of... Critical Unreviewed
CVE-2021-37042 was published Dec 8, 2021
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation... Critical Unreviewed
CVE-2021-37021 was published Dec 8, 2021
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation... Critical Unreviewed
CVE-2021-37020 was published Dec 8, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... Critical Unreviewed
CVE-2021-37079 was published Dec 8, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... Critical Unreviewed
CVE-2021-37084 was published Dec 8, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in... Critical Unreviewed
CVE-2021-43033 was published Dec 7, 2021
An improper input validation leading to arbitrary file creation was discovered in copy method of... Critical Unreviewed
CVE-2021-26612 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database