GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,809 advisories

Filter by severity

Sort by

Least recently updated

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of... Critical Unreviewed

CVE-2021-37042 was published Dec 8, 2021

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of... Critical Unreviewed

CVE-2021-37041 was published Dec 8, 2021

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed

CVE-2021-42127 was published Dec 8, 2021

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed

CVE-2021-42128 was published Dec 8, 2021

A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below... Critical Unreviewed

CVE-2021-29114 was published Dec 8, 2021

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in... Critical Unreviewed

CVE-2021-4048 was published Dec 9, 2021

A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an... Critical Unreviewed

CVE-2021-44529 was published Dec 9, 2021

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap... Critical Unreviewed

CVE-2021-43527 was published Dec 9, 2021

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use... Critical Unreviewed

CVE-2021-38504 was published Dec 9, 2021

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to... Critical Unreviewed

CVE-2021-38503 was published Dec 9, 2021

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST... Critical Unreviewed

CVE-2021-21950 was published Dec 9, 2021

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST... Critical Unreviewed

CVE-2021-21951 was published Dec 9, 2021

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4... Critical Unreviewed

CVE-2021-41025 was published Dec 9, 2021

Mahavitaran android application 7.50 and prior are affected by account takeover due to improper... Critical Unreviewed

CVE-2020-27416 was published Dec 9, 2021

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7... Critical Unreviewed

CVE-2021-41030 was published Dec 9, 2021

SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3... Critical Unreviewed

CVE-2021-41063 was published Dec 9, 2021

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation... Critical Unreviewed

CVE-2021-37049 was published Dec 9, 2021

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37051 was published Dec 9, 2021

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability... Critical Unreviewed

CVE-2021-37045 was published Dec 9, 2021

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37040 was published Dec 9, 2021

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS... Critical Unreviewed

CVE-2021-26109 was published Dec 9, 2021

National Library of the Netherlands multiNER <= c0440948057afc6e3d6b4903a7c05e666b94a3bc is... Critical Unreviewed

CVE-2021-44557 was published Dec 9, 2021

National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected... Critical Unreviewed

CVE-2021-44556 was published Dec 9, 2021

A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a... Critical Unreviewed

CVE-2021-20045 was published Dec 9, 2021

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary... Critical Unreviewed

CVE-2021-20042 was published Dec 9, 2021

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,809 advisories