GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
221,313 advisories
In edma driver, there is a possible memory corruption due to a use after free. This could lead to...
Moderate | Unreviewed | CVE-2021-0656 was published Nov 19, 2021
In apusys, there is a possible memory corruption due to a use after free. This could lead to...
High | Unreviewed | CVE-2021-0670 was published Nov 19, 2021
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead...
High | Unreviewed | CVE-2021-0668 was published Nov 19, 2021
In apusys, there is a possible memory corruption due to a use after free. This could lead to...
Moderate | Unreviewed | CVE-2021-0667 was published Nov 19, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could...
Moderate | Unreviewed | CVE-2021-0666 was published Nov 19, 2021
In ccu, there is a possible memory corruption due to a use after free. This could lead to local...
Moderate | Unreviewed | CVE-2021-0664 was published Nov 19, 2021
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows...
Moderate | Unreviewed | CVE-2021-35535 was published Nov 19, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could...
Moderate | Unreviewed | CVE-2021-0665 was published Nov 19, 2021
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2021-0658 was published Nov 19, 2021
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2021-0619 was published Nov 19, 2021
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This...
Moderate | Unreviewed | CVE-2021-0620 was published Nov 19, 2021
In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead...
High | Unreviewed | CVE-2021-0629 was published Nov 19, 2021
A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of...
High | Unreviewed | CVE-2021-21898 was published Nov 20, 2021
An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested...
High | Unreviewed | CVE-2021-44038 was published Nov 20, 2021
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered in WordPress Backup...
Moderate | Unreviewed | CVE-2021-36884 was published Nov 20, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control...
Moderate | Unreviewed | CVE-2021-26248 was published Nov 20, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not...
Moderate | Unreviewed | CVE-2021-42744 was published Nov 20, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a...
Moderate | Unreviewed | CVE-2021-26262 was published Nov 20, 2021
Team Password Manager (aka TeamPasswordManager) before 10.135.236 has a CSRF vulnerability during...
High | Unreviewed | CVE-2021-44036 was published Nov 20, 2021
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of...
High | Unreviewed | CVE-2021-39926 was published Nov 20, 2021
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows...
High | Unreviewed | CVE-2021-39924 was published Nov 20, 2021
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17...
High | Unreviewed | CVE-2021-39921 was published Nov 20, 2021
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the...
High | Unreviewed | CVE-2021-29329 was published Nov 20, 2021
Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning.
High | Unreviewed | CVE-2021-44037 was published Nov 20, 2021
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of...
High | Unreviewed | CVE-2021-39923 was published Nov 20, 2021
ProTip! Advisories are also available from the GraphQL API.