GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
816 advisories
Filter by severity
When a user has admin rights in Serv-U Console, the user can move, create and delete any files...
Moderate
Unreviewed
CVE-2021-35245
was published
Dec 7, 2021
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution...
Moderate
Unreviewed
CVE-2021-43528
was published
Dec 9, 2021
Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows...
Moderate
Unreviewed
CVE-2021-25526
was published
Dec 9, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Moderate
Unreviewed
CVE-2021-38926
was published
Dec 10, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14...
Moderate
Unreviewed
CVE-2021-39931
was published
Dec 14, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of...
Moderate
Unreviewed
CVE-2021-39643
was published
Dec 16, 2021
Windows Mobile Device Management Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2021-43880
was published
Dec 16, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37...
Moderate
Unreviewed
CVE-2021-44857
was published
Dec 18, 2021
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a...
Moderate
Unreviewed
CVE-2021-27006
was published
Dec 24, 2021
Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted...
Moderate
Unreviewed
CVE-2022-22263
was published
Jan 11, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from...
Moderate
Unreviewed
CVE-2022-21970
was published
Jan 12, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from...
Moderate
Unreviewed
CVE-2022-21954
was published
Jan 12, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881.
Moderate
Unreviewed
CVE-2022-21879
was published
Jan 12, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,...
Moderate
Unreviewed
CVE-2021-44840
was published
Jan 19, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5,...
Moderate
Unreviewed
CVE-2022-0125
was published
Jan 19, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3...
Moderate
Unreviewed
CVE-2022-0090
was published
Jan 19, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate
Unreviewed
CVE-2022-21310
was published
Jan 20, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions...
Moderate
Unreviewed
CVE-2021-45729
was published
Jan 26, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any...
Moderate
Unreviewed
CVE-2022-23863
was published
Jan 29, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from...
Moderate
Unreviewed
CVE-2022-23262
was published
Feb 8, 2022
Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-23271
was published
Feb 10, 2022
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.
Moderate
Unreviewed
CVE-2021-3813
was published
Feb 10, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow...
Moderate
Unreviewed
CVE-2022-20680
was published
Feb 11, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a...
Moderate
Unreviewed
CVE-2021-0103
was published
Feb 11, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a...
Moderate
Unreviewed
CVE-2021-38955
was published
Mar 2, 2022
ProTip!
Advisories are also available from the
GraphQL API