Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

698 advisories

Loading
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)... High Unreviewed
CVE-2021-33118 was published Nov 18, 2021
Insufficient security control vulnerability in internal database access mechanism of Hitachi... High Unreviewed
CVE-2021-35534 was published Nov 19, 2021
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ... High Unreviewed
CVE-2021-20835 was published Nov 25, 2021
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control... High Unreviewed
CVE-2021-43771 was published Dec 1, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... High Unreviewed
CVE-2021-20864 was published Dec 2, 2021
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login... High Unreviewed
CVE-2021-24917 was published Dec 7, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed
CVE-2021-37038 was published Dec 8, 2021
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed
CVE-2021-42126 was published Dec 8, 2021
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed
CVE-2021-42124 was published Dec 8, 2021
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an... High Unreviewed
CVE-2021-42758 was published Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... High Unreviewed
CVE-2021-29678 was published Dec 10, 2021
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has... High Unreviewed
CVE-2021-41805 was published Dec 13, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire... High Unreviewed
CVE-2021-43051 was published Dec 15, 2021
An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When... High Unreviewed
CVE-2021-45102 was published Dec 17, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam... High Unreviewed
CVE-2021-44877 was published Dec 22, 2021
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does... High Unreviewed
CVE-2021-23175 was published Dec 24, 2021
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45... High Unreviewed
CVE-2021-38016 was published Dec 24, 2021
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed... High Unreviewed
CVE-2021-38017 was published Dec 24, 2021
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user... High Unreviewed
CVE-2021-45379 was published Dec 31, 2021
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file... High Unreviewed
CVE-2021-44586 was published Jan 11, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app... High Unreviewed
CVE-2022-22288 was published Jan 11, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service... High Unreviewed
CVE-2021-28507 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed
CVE-2021-28500 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed
CVE-2021-28501 was published Jan 15, 2022
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to... High Unreviewed
CVE-2020-14110 was published Jan 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database