Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

493 advisories

Loading
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of... Moderate Unreviewed
CVE-2021-26327 was published Nov 17, 2021
PSP protection against improperly configured side channels may lead to potential information... Moderate Unreviewed
CVE-2021-26312 was published Nov 17, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not... Moderate Unreviewed
CVE-2021-42744 was published Nov 20, 2021
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a... Moderate Unreviewed
CVE-2021-38004 was published Nov 24, 2021
Azure Active Directory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-42306 was published Nov 25, 2021
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message... Moderate Unreviewed
CVE-2021-44225 was published Nov 27, 2021
Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42116 was published Dec 1, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a... Moderate Unreviewed
CVE-2021-29719 was published Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter... Moderate Unreviewed
CVE-2021-29867 was published Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application... Moderate Unreviewed
CVE-2021-29716 was published Dec 4, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could... Moderate Unreviewed
CVE-2021-43043 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Samba file... Moderate Unreviewed
CVE-2021-43039 was published Dec 7, 2021
An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise... Moderate Unreviewed
CVE-2021-29115 was published Dec 8, 2021
Under certain circumstances, asynchronous functions could have caused a navigation to fail but... Moderate Unreviewed
CVE-2021-43536 was published Dec 9, 2021
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will... Moderate Unreviewed
CVE-2021-38505 was published Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to... Moderate Unreviewed
CVE-2021-38931 was published Dec 10, 2021
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from... Moderate Unreviewed
CVE-2021-39915 was published Dec 14, 2021
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory... Moderate Unreviewed
CVE-2021-39648 was published Dec 16, 2021
In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information... Moderate Unreviewed
CVE-2021-0986 was published Dec 16, 2021
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted... Moderate Unreviewed
CVE-2021-0966 was published Dec 16, 2021
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2021-43235 was published Dec 16, 2021
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2021-43227 was published Dec 16, 2021
Windows Common Log File System Driver Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-43224 was published Dec 16, 2021
Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-43216 was published Dec 16, 2021
Visual Basic for Applications Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-42295 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database