GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
231 advisories
Filter by severity
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches...
Moderate
Unreviewed
CVE-2021-1231
was published
May 24, 2022
When a link to an external protocol was clicked, a prompt was presented that allowed the user to...
Moderate
Unreviewed
CVE-2020-15682
was published
May 24, 2022
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2019-8754
was published
May 24, 2022
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7...
High
Unreviewed
CVE-2020-3864
was published
May 24, 2022
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write...
High
Unreviewed
CVE-2021-27197
was published
May 24, 2022
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21183
was published
May 24, 2022
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96...
Moderate
Unreviewed
CVE-2021-21136
was published
May 24, 2022
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a...
Moderate
Unreviewed
CVE-2021-21135
was published
May 24, 2022
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus...
Moderate
Unreviewed
CVE-2020-15733
was published
May 24, 2022
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the...
High
Unreviewed
CVE-2020-6881
was published
May 24, 2022
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the...
High
Unreviewed
CVE-2020-35556
was published
May 24, 2022
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72...
Moderate
Unreviewed
CVE-2021-21164
was published
May 24, 2022
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed...
Moderate
Unreviewed
CVE-2021-21163
was published
May 24, 2022
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21175
was published
May 24, 2022
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21184
was published
May 24, 2022
An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS...
Moderate
Unreviewed
CVE-2021-28048
was published
May 24, 2022
Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a...
Moderate
Unreviewed
CVE-2021-21229
was published
May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused...
High
Unreviewed
CVE-2020-4881
was published
May 24, 2022
A malicious extension with the 'search' permission could have installed a new search engine whose...
Moderate
Unreviewed
CVE-2021-23986
was published
May 24, 2022
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate...
Moderate
Unreviewed
CVE-2020-15734
was published
May 24, 2022
The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server ...
High
Unreviewed
CVE-2021-31718
was published
May 24, 2022
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21209
was published
May 24, 2022
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed...
Moderate
Unreviewed
CVE-2021-21211
was published
May 24, 2022
Remote code execution in Eclipse Theia
High
CVE-2021-34435
was published
for
@theia/mini-browser
(npm)
Sep 2, 2021
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed
High
Unreviewed
CVE-2022-29818
was published
Apr 29, 2022
ProTip!
Advisories are also available from the
GraphQL API