Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,288 advisories

Loading
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could... High Unreviewed
CVE-2021-44019 was published Dec 4, 2021
When a user has admin rights in Serv-U Console, the user can move, create and delete any files... Moderate Unreviewed
CVE-2021-35245 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged... High Unreviewed
CVE-2021-43040 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file... High Unreviewed
CVE-2021-43034 was published Dec 7, 2021
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not... Critical Unreviewed
CVE-2021-38759 was published Dec 8, 2021
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-37091 was published Dec 8, 2021
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed
CVE-2021-42128 was published Dec 8, 2021
Improper Privilege Management in devise_masquerade High
CVE-2021-28680 was published for devise_masquerade (RubyGems) Dec 8, 2021
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution... Moderate Unreviewed
CVE-2021-43528 was published Dec 9, 2021
APM Java Agent Local Privilege Escalation High
CVE-2021-37941 was published for elastic-apm (pip) Dec 9, 2021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may... High Unreviewed
CVE-2021-41021 was published Dec 9, 2021
Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows... Moderate Unreviewed
CVE-2021-25526 was published Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed
CVE-2021-25515 was published Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021... Low Unreviewed
CVE-2021-25513 was published Dec 9, 2021
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below... High Unreviewed
CVE-2021-26110 was published Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed
CVE-2021-38926 was published Dec 10, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14... High Unreviewed
CVE-2021-39944 was published Dec 14, 2021
A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all... High Unreviewed
CVE-2021-39937 was published Dec 14, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14... Moderate Unreviewed
CVE-2021-39931 was published Dec 14, 2021
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when... High Unreviewed
CVE-2021-38950 was published Dec 15, 2021
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers... High Unreviewed
CVE-2021-3376 was published Dec 15, 2021
Privilege escalation in the Sulu Admin panel High
CVE-2021-43835 was published for sulu/sulu (Composer) Dec 15, 2021
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing... High Unreviewed
CVE-2021-39653 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A Critical Unreviewed
CVE-2021-39655 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A Critical Unreviewed
CVE-2021-39645 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API