GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
100,303 advisories
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered in WordPress Backup...
Moderate | Unreviewed | CVE-2021-36884 was published Nov 20, 2021

Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control...
Moderate | Unreviewed | CVE-2021-26248 was published Nov 20, 2021

Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not...
Moderate | Unreviewed | CVE-2021-42744 was published Nov 20, 2021

Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a...
Moderate | Unreviewed | CVE-2021-26262 was published Nov 20, 2021

OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component ...
Moderate | Unreviewed | CVE-2021-29323 was published Nov 20, 2021

The "WPO365 | LOGIN" WordPress plugin (up to and including version 15.3) by wpo365.com is...
Moderate | Unreviewed | CVE-2021-43409 was published Nov 20, 2021

The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site...
Moderate | Unreviewed | CVE-2021-42363 was published Nov 20, 2021

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector...
Moderate | Unreviewed | CVE-2021-40131 was published Nov 20, 2021

A vulnerability in the web application of Cisco Common Services Platform Collector (CSPC) could...
Moderate | Unreviewed | CVE-2021-40130 was published Nov 20, 2021

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may...
Moderate | Unreviewed | CVE-2021-1105 was published Nov 21, 2021

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A...
Moderate | Unreviewed | CVE-2021-36340 was published Nov 21, 2021

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection...
Moderate | Unreviewed | CVE-2021-36322 was published Nov 21, 2021

Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled...
Moderate | Unreviewed | CVE-2021-36310 was published Nov 21, 2021

This issue affects: Secomea GateManager All versions prior to 9.6. Improper Check of host header...
Moderate | Unreviewed | CVE-2021-32004 was published Nov 23, 2021

An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4...
Moderate | Unreviewed | CVE-2021-44147 was published Nov 23, 2021

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when...
Moderate | Unreviewed | CVE-2019-5640 was published Nov 23, 2021

Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability...
Moderate | Unreviewed | CVE-2021-40774 was published Nov 23, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat system message.
Moderate | Unreviewed | CVE-2021-33495 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e...
Moderate | Unreviewed | CVE-2021-38375 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within...
Moderate | Unreviewed | CVE-2021-38377 was published Nov 23, 2021

The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in...
Moderate | Unreviewed | CVE-2021-33493 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file.
Moderate | Unreviewed | CVE-2021-33489 was published Nov 23, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Moderate | Unreviewed | CVE-2021-33494 was published Nov 23, 2021

OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive,...
Moderate | Unreviewed | CVE-2021-33491 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature.
Moderate | Unreviewed | CVE-2021-33490 was published Nov 23, 2021

ProTip! Advisories are also available from the GraphQL API.