Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,397 advisories

Loading
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could... High Unreviewed
CVE-2021-44019 was published Dec 4, 2021
When a user has admin rights in Serv-U Console, the user can move, create and delete any files... Moderate Unreviewed
CVE-2021-35245 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged... High Unreviewed
CVE-2021-43040 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file... High Unreviewed
CVE-2021-43034 was published Dec 7, 2021
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not... Critical Unreviewed
CVE-2021-38759 was published Dec 8, 2021
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-37091 was published Dec 8, 2021
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed
CVE-2021-42128 was published Dec 8, 2021
Improper Privilege Management in devise_masquerade High
CVE-2021-28680 was published for devise_masquerade (RubyGems) Dec 8, 2021
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution... Moderate Unreviewed
CVE-2021-43528 was published Dec 9, 2021
APM Java Agent Local Privilege Escalation High
CVE-2021-37941 was published for elastic-apm (pip) Dec 9, 2021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may... High Unreviewed
CVE-2021-41021 was published Dec 9, 2021
Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows... Moderate Unreviewed
CVE-2021-25526 was published Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed
CVE-2021-25515 was published Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021... Low Unreviewed
CVE-2021-25513 was published Dec 9, 2021
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below... High Unreviewed
CVE-2021-26110 was published Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed
CVE-2021-38926 was published Dec 10, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14... High Unreviewed
CVE-2021-39944 was published Dec 14, 2021
A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all... High Unreviewed
CVE-2021-39937 was published Dec 14, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14... Moderate Unreviewed
CVE-2021-39931 was published Dec 14, 2021
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when... High Unreviewed
CVE-2021-38950 was published Dec 15, 2021
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers... High Unreviewed
CVE-2021-3376 was published Dec 15, 2021
Privilege escalation in the Sulu Admin panel High
CVE-2021-43835 was published for sulu/sulu (Composer) Dec 15, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A Critical Unreviewed
CVE-2021-39655 was published Dec 16, 2021
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing... High Unreviewed
CVE-2021-39653 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A Critical Unreviewed
CVE-2021-39645 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database