GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
221,313 advisories
An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4...
Moderate, Unreviewed, CVE-2021-44147 was published Nov 23, 2021

The affected controllers do not properly sanitize the input containing code syntax. As a result,...
High, Unreviewed, CVE-2021-38448 was published Nov 23, 2021

Adobe InCopy version 16.4 (and earlier) is affected by a memory corruption vulnerability due to...
High, Unreviewed, CVE-2021-43015 was published Nov 23, 2021

PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing...
High, Unreviewed, CVE-2021-42707 was published Nov 23, 2021

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when...
Moderate, Unreviewed, CVE-2019-5640 was published Nov 23, 2021

Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to...
High, Unreviewed, CVE-2021-42738 was published Nov 23, 2021

Adobe Prelude version 10.1 (and earlier) is affected by an improper input validation...
High, Unreviewed, CVE-2021-42733 was published Nov 23, 2021

Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to...
High, Unreviewed, CVE-2021-42737 was published Nov 23, 2021

Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability...
Moderate, Unreviewed, CVE-2021-40774 was published Nov 23, 2021

Using the parameter of getPFXFolderList function, attackers can see the information of...
Critical, Unreviewed, CVE-2020-7882 was published Nov 23, 2021

Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to...
High, Unreviewed, CVE-2021-40772 was published Nov 23, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat system message.
Moderate, Unreviewed, CVE-2021-33495 was published Nov 23, 2021

The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The ...
High, Unreviewed, CVE-2021-43557 was published Nov 23, 2021

An Out-of-Bounds Read vulnerability exists when reading a U3D file using Open Design Alliance PRC...
High, Unreviewed, CVE-2021-43581 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e...
Moderate, Unreviewed, CVE-2021-38375 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within...
Moderate, Unreviewed, CVE-2021-38377 was published Nov 23, 2021

The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in...
Moderate, Unreviewed, CVE-2021-33493 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file.
Moderate, Unreviewed, CVE-2021-33489 was published Nov 23, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Moderate, Unreviewed, CVE-2021-33494 was published Nov 23, 2021

The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote...
High, Unreviewed, CVE-2021-38146 was published Nov 23, 2021

OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive,...
Moderate, Unreviewed, CVE-2021-33491 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature.
Moderate, Unreviewed, CVE-2021-33490 was published Nov 23, 2021

Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to...
Critical, Unreviewed, CVE-2021-42785 was published Nov 24, 2021

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0...
Moderate, Unreviewed, CVE-2021-38000 was published Nov 24, 2021

Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote...
High, Unreviewed, CVE-2021-38003 was published Nov 24, 2021
ProTip! Advisories are also available from the GraphQL API.