GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
1,073 advisories
Filter by severity
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6...
Moderate
Unreviewed
CVE-2021-29701
was published
Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.
High
Unreviewed
CVE-2022-21880
was published
Jan 12, 2022
Windows GDI Information Disclosure Vulnerability.
High
Unreviewed
CVE-2022-21904
was published
Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880.
Moderate
Unreviewed
CVE-2022-21915
was published
Jan 12, 2022
Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.
Moderate
Unreviewed
CVE-2022-21964
was published
Jan 12, 2022
The affected product is vulnerable to an improper access control, which may allow an...
Moderate
Unreviewed
CVE-2021-23173
was published
Jan 11, 2022
The distributed data service component has a vulnerability in data access control. Successful...
High
Unreviewed
CVE-2021-40005
was published
Jan 11, 2022
In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection...
Moderate
Unreviewed
CVE-2021-42748
was published
Jan 11, 2022
In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when...
Moderate
Unreviewed
CVE-2021-42749
was published
Jan 11, 2022
SQL Injection in Apache Kylin
Moderate
CVE-2021-36774
was published
for
org.apache.kylin:kylin
(Maven)
Jan 8, 2022
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194
was published
for
ssddanbrown/bookstack
(Composer)
Jan 8, 2022
Abomonation transmutes &T to and from &[u8] without sufficient constraints
High
CVE-2021-45708
was published
for
abomonation
(Rust)
Jan 6, 2022
Improper handling of resource allocation in virtual machines can lead to information exposure in...
Moderate
Unreviewed
CVE-2021-1918
was published
Jan 4, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized...
High
Unreviewed
CVE-2021-30276
was published
Jan 4, 2022
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this...
High
Unreviewed
CVE-2021-37133
was published
Jan 4, 2022
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability...
High
Unreviewed
CVE-2021-39972
was published
Jan 4, 2022
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this...
High
Unreviewed
CVE-2021-39969
was published
Jan 4, 2022
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor...
Moderate
Unreviewed
CVE-2021-39980
was published
Jan 4, 2022
An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity...
High
Unreviewed
CVE-2021-44852
was published
Jan 2, 2022
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file...
High
Unreviewed
CVE-2021-44717
was published
Jan 2, 2022
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of...
High
Unreviewed
CVE-2021-36723
was published
Dec 30, 2021
An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files...
High
Unreviewed
CVE-2020-20948
was published
Dec 28, 2021
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This...
Moderate
Unreviewed
CVE-2021-45494
was published
Dec 27, 2021
Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote...
Moderate
Unreviewed
CVE-2021-38009
was published
Dec 24, 2021
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted...
High
Unreviewed
CVE-2021-20050
was published
Dec 24, 2021
ProTip!
Advisories are also available from the
GraphQL API