Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

563 advisories

Loading
Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21210 was published May 24, 2022
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the... Moderate Unreviewed
CVE-2021-20488 was published May 24, 2022
Local information disclosure via system temporary directory Moderate
CVE-2021-28168 was published for org.glassfish.jersey.core:jersey-common (Maven) Apr 23, 2021
JLLeitschuh
A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which... Moderate Unreviewed
CVE-2021-26585 was published May 24, 2022
Local Information Disclosure Vulnerability in io.netty:netty-codec-http Moderate
CVE-2022-24823 was published for io.netty:netty-codec-http (Maven) May 10, 2022
JLLeitschuh
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its... Moderate Unreviewed
CVE-2021-31547 was published May 24, 2022
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly... Moderate Unreviewed
CVE-2021-31552 was published May 24, 2022
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server... Moderate Unreviewed
CVE-2021-27621 was published May 24, 2022
In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to... Moderate Unreviewed
CVE-2021-0552 was published May 24, 2022
In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a... Moderate Unreviewed
CVE-2021-0480 was published May 24, 2022
An issue existed in determining cache occupancy. The issue was addressed through improved logic.... Moderate Unreviewed
CVE-2021-1861 was published May 24, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and... Moderate Unreviewed
CVE-2021-1822 was published May 24, 2022
Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers... Moderate Unreviewed
CVE-2021-35302 was published May 24, 2022
Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2021-35301 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates Moderate
CVE-2021-4180 was published for tripleo-heat-templates (pip) Mar 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-20416 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local... Moderate Unreviewed
CVE-2021-20500 was published May 24, 2022
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly... Moderate Unreviewed
CVE-2021-31554 was published May 24, 2022
A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7... Moderate Unreviewed
CVE-2021-22252 was published May 24, 2022
Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions -... Moderate Unreviewed
CVE-2021-27637 was published May 24, 2022
When a download was initiated, the client did not check whether it was in normal or private... Moderate Unreviewed
CVE-2021-29958 was published May 24, 2022
IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be... Moderate Unreviewed
CVE-2021-29880 was published May 24, 2022
In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed... Moderate Unreviewed
CVE-2021-34075 was published May 24, 2022
Inappropriate implementation in Navigation in Google Chrome prior to 93.0.4577.63 allowed a... Moderate Unreviewed
CVE-2021-30615 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API