GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
991 advisories
This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.3,...
Moderate | Unreviewed | CVE-2021-1824 was published May 24, 2022

A memory initialization issue was addressed with improved memory handling. This issue is fixed in...
Moderate | Unreviewed | CVE-2021-1820 was published May 24, 2022

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive...
High | Unreviewed | CVE-2021-35299 was published May 24, 2022

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability where, if a user...
High | Unreviewed | CVE-2021-1073 was published May 24, 2022

In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed...
Moderate | Unreviewed | CVE-2021-34075 was published May 24, 2022

IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be...
Moderate | Unreviewed | CVE-2021-29880 was published May 24, 2022

When a download was initiated, the client did not check whether it was in normal or private...
Moderate | Unreviewed | CVE-2021-29958 was published May 24, 2022

There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of...
High | Unreviewed | CVE-2021-22446 was published May 24, 2022

An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project...
High | Unreviewed | CVE-2021-22215 was published May 24, 2022

Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions -...
Moderate | Unreviewed | CVE-2021-27637 was published May 24, 2022

A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7...
Moderate | Unreviewed | CVE-2021-22252 was published May 24, 2022

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because...
High | Unreviewed | CVE-2020-28012 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local...
Moderate | Unreviewed | CVE-2021-20500 was published May 24, 2022

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly...
Moderate | Unreviewed | CVE-2021-31554 was published May 24, 2022

IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-20416 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates
Moderate | CVE-2021-4180 was published for tripleo-heat-templates (pip) Mar 24, 2022

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC...
High | Unreviewed | CVE-2021-38587 was published May 24, 2022

Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers...
Moderate | Unreviewed | CVE-2021-35302 was published May 24, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and...
Moderate | Unreviewed | CVE-2021-1822 was published May 24, 2022

An issue existed in determining cache occupancy. The issue was addressed through improved logic....
Moderate | Unreviewed | CVE-2021-1861 was published May 24, 2022

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2021-35301 was published May 24, 2022

In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a...
Moderate | Unreviewed | CVE-2021-0480 was published May 24, 2022

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2021-37601 was published May 24, 2022

Exposure of Resource to Wrong Sphere in Spring Cloud OpenFeign
High | CVE-2021-22044 was published for org.springframework.cloud:spring-cloud-openfeign-core (Maven) May 24, 2022

In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to...
Moderate | Unreviewed | CVE-2021-0552 was published May 24, 2022