GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,955

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

7,924 advisories

Filter by severity

Sort by

Least recently updated

Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not... Moderate Unreviewed

CVE-2021-42744 was published Nov 20, 2021

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when... Moderate Unreviewed

CVE-2019-5640 was published Nov 23, 2021

There is a Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei... High Unreviewed

CVE-2021-37010 was published Nov 24, 2021

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed

CVE-2021-37036 was published Nov 24, 2021

The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A... High Unreviewed

CVE-2021-21980 was published Nov 25, 2021

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information... Moderate Unreviewed

CVE-2021-39000 was published Dec 1, 2021

IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of... Moderate Unreviewed

CVE-2021-38999 was published Dec 1, 2021

Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters.... Moderate Unreviewed

CVE-2020-27414 was published Dec 3, 2021

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials... High Unreviewed

CVE-2021-43963 was published Dec 8, 2021

There is a Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei... High Unreviewed

CVE-2021-37067 was published Dec 8, 2021

An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local... Low Unreviewed

CVE-2021-25519 was published Dec 9, 2021

A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator... Moderate Unreviewed

CVE-2021-43067 was published Dec 9, 2021

An information disclosure vulnerability in the login page of Huntflow Enterprise before 3.10.4... High Unreviewed

CVE-2021-37935 was published Dec 11, 2021

IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local... Moderate Unreviewed

CVE-2021-38901 was published Dec 14, 2021

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4,... Moderate Unreviewed

CVE-2021-39941 was published Dec 14, 2021

The Like Button Rating â™¥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation... High Unreviewed

CVE-2021-24945 was published Dec 14, 2021

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed,... Moderate Unreviewed

CVE-2018-25022 was published Dec 14, 2021

In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine... Moderate Unreviewed

CVE-2021-1023 was published Dec 16, 2021

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed

CVE-2021-0983 was published Dec 16, 2021

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. Moderate Unreviewed

CVE-2021-45095 was published Dec 17, 2021

In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check.... Moderate Unreviewed

CVE-2021-0676 was published Dec 18, 2021

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed

CVE-2021-45038 was published Dec 18, 2021

Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability... Moderate Unreviewed

CVE-2021-36341 was published Dec 22, 2021

IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user... Moderate Unreviewed

CVE-2021-39013 was published Dec 23, 2021

A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker... High Unreviewed

CVE-2021-20049 was published Dec 24, 2021

Previous 1 2 3 4 5 … 316 317 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,924 advisories