Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,893 advisories

Loading
Web Media Extensions Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43214 was published Dec 16, 2021
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution Critical Unreviewed
CVE-2021-43215 was published Dec 16, 2021
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43217 was published Dec 16, 2021
Bot Framework SDK Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43225 was published Dec 16, 2021
Remote Desktop Client Remote Code Execution Vulnerability High Unreviewed
CVE-2021-43233 was published Dec 16, 2021
Windows Event Tracing Remote Code Execution Vulnerability High Unreviewed
CVE-2021-43232 was published Dec 16, 2021
Microsoft Office Graphics Remote Code Execution Vulnerability High Unreviewed
CVE-2021-43875 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-43889 was published Dec 16, 2021
Visual Studio Code Remote Code Execution Vulnerability High Unreviewed
CVE-2021-43891 was published Dec 16, 2021
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43899 was published Dec 16, 2021
In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus... High Unreviewed
CVE-2021-44657 was published Dec 16, 2021
Internally used text extraction reports allow an attacker to inject code that can be executed by... Critical Unreviewed
CVE-2021-44231 was published Dec 15, 2021
Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,... High Unreviewed
CVE-2021-44235 was published Dec 15, 2021
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An... High Unreviewed
CVE-2021-29214 was published Dec 11, 2021
Code Injection in node-rules Critical
CVE-2020-7609 was published for node-rules (npm) Dec 10, 2021
Code Injection in total4 Critical
CVE-2021-23390 was published for total4 (npm) Dec 10, 2021
Code Injection in total.js Critical
CVE-2021-23389 was published for total.js (npm) Dec 10, 2021
Code Injection in jackson-databind High
CVE-2020-24616 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Code injection via unsafe YAML loading High
CVE-2021-43811 was published for sockeye (pip) Dec 9, 2021
There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37097 was published Dec 9, 2021
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an... Critical Unreviewed
CVE-2021-44529 was published Dec 9, 2021
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote,... Moderate Unreviewed
CVE-2021-29113 was published Dec 8, 2021
Code injection in FreeIPA High
CVE-2019-14867 was published for freeipa (pip) Dec 6, 2021
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x... High Unreviewed
CVE-2021-35413 was published Dec 4, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database