GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
563 advisories
Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate | Unreviewed | CVE-2021-21210 was published May 24, 2022

bookstack is vulnerable to Improper Access Control
Moderate | CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022

IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the...
Moderate | Unreviewed | CVE-2021-20488 was published May 24, 2022

Local information disclosure via system temporary directory
Moderate | CVE-2021-28168 was published for org.glassfish.jersey.core:jersey-common (Maven) Apr 23, 2021

A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which...
Moderate | Unreviewed | CVE-2021-26585 was published May 24, 2022

Local Information Disclosure Vulnerability in io.netty:netty-codec-http
Moderate | CVE-2022-24823 was published for io.netty:netty-codec-http (Maven) May 10, 2022

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its...
Moderate | Unreviewed | CVE-2021-31547 was published May 24, 2022

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly...
Moderate | Unreviewed | CVE-2021-31552 was published May 24, 2022

Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server...
Moderate | Unreviewed | CVE-2021-27621 was published May 24, 2022

In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to...
Moderate | Unreviewed | CVE-2021-0552 was published May 24, 2022

In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a...
Moderate | Unreviewed | CVE-2021-0480 was published May 24, 2022

An issue existed in determining cache occupancy. The issue was addressed through improved logic....
Moderate | Unreviewed | CVE-2021-1861 was published May 24, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and...
Moderate | Unreviewed | CVE-2021-1822 was published May 24, 2022

Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers...
Moderate | Unreviewed | CVE-2021-35302 was published May 24, 2022

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2021-35301 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates
Moderate | CVE-2021-4180 was published for tripleo-heat-templates (pip) Mar 24, 2022

IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-20416 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local...
Moderate | Unreviewed | CVE-2021-20500 was published May 24, 2022

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly...
Moderate | Unreviewed | CVE-2021-31554 was published May 24, 2022

A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7...
Moderate | Unreviewed | CVE-2021-22252 was published May 24, 2022

Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions -...
Moderate | Unreviewed | CVE-2021-27637 was published May 24, 2022

When a download was initiated, the client did not check whether it was in normal or private...
Moderate | Unreviewed | CVE-2021-29958 was published May 24, 2022

IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be...
Moderate | Unreviewed | CVE-2021-29880 was published May 24, 2022

In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed...
Moderate | Unreviewed | CVE-2021-34075 was published May 24, 2022

Inappropriate implementation in Navigation in Google Chrome prior to 93.0.4577.63 allowed a...
Moderate | Unreviewed | CVE-2021-30615 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.