GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,494 advisories
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a...
Moderate | Unreviewed | CVE-2021-0158 was published Nov 18, 2021

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection...
Moderate | Unreviewed | CVE-2021-36322 was published Nov 21, 2021

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0...
Moderate | Unreviewed | CVE-2021-38000 was published Nov 24, 2021

The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing...
Moderate | Unreviewed | CVE-2021-24894 was published Nov 24, 2021

A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image...
Moderate | Unreviewed | CVE-2021-3802 was published Nov 30, 2021

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s...
Moderate | Unreviewed | CVE-2021-42122 was published Dec 1, 2021

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s...
Moderate | Unreviewed | CVE-2021-42121 was published Dec 1, 2021

There is an Input verification vulnerability in Huawei Smartphone. Successful exploitation of this...
Moderate | Unreviewed | CVE-2021-37039 was published Dec 9, 2021

When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual...
Moderate | Unreviewed | CVE-2021-42068 was published Dec 15, 2021

When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted...
Moderate | Unreviewed | CVE-2021-42069 was published Dec 15, 2021

When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in...
Moderate | Unreviewed | CVE-2021-42070 was published Dec 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-42320.
Moderate | Unreviewed | CVE-2021-43242 was published Dec 16, 2021

An attacker with basic CRUD permissions on a replicated collection can run the applyOps command...
Moderate | Unreviewed | CVE-2021-20330 was published Dec 16, 2021

Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which...
Moderate | Unreviewed | CVE-2021-37863 was published Dec 18, 2021

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could...
Moderate | Unreviewed | CVE-2021-0902 was published Dec 18, 2021

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could...
Moderate | Unreviewed | CVE-2021-0900 was published Dec 18, 2021

In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This...
Moderate | Unreviewed | CVE-2021-0674 was published Dec 18, 2021

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a...
Moderate | Unreviewed | CVE-2021-4068 was published Dec 24, 2021

Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote...
Moderate | Unreviewed | CVE-2021-4059 was published Dec 24, 2021

Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does...
Moderate | Unreviewed | CVE-2021-43548 was published Dec 28, 2021

Improper input validation in TrustZone memory transfer interface can lead to information...
Moderate | Unreviewed | CVE-2021-30278 was published Jan 4, 2022

In vow driver, there is a possible memory corruption due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-20014 was published Jan 5, 2022

In wifi driver, there is a possible system crash due to a missing validation check. This could...
Moderate | Unreviewed | CVE-2021-41789 was published Jan 5, 2022

A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1...
Moderate | Unreviewed | CVE-2022-22271 was published Jan 11, 2022

AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a...
Moderate | Unreviewed | CVE-2021-43762 was published Jan 14, 2022
ProTip! Advisories are also available from the GraphQL API.