GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
915 advisories
Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper...
Critical | Unreviewed | CVE-2021-37417 was published May 24, 2022
A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W,...
Critical | Unreviewed | CVE-2021-34730 was published May 24, 2022
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS,...
Critical | Unreviewed | CVE-2021-22931 was published May 24, 2022
In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted...
Critical | Unreviewed | CVE-2021-33199 was published May 24, 2022
A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command...
Critical | Unreviewed | CVE-2021-26606 was published May 24, 2022
An improper input validation vulnerability in the service of ezPDFReader allows attacker to...
Critical | Unreviewed | CVE-2021-26605 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W,...
Critical | Unreviewed | CVE-2021-1602 was published May 24, 2022
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22444 was published May 24, 2022
When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be...
Critical | Unreviewed | CVE-2020-7866 was published May 24, 2022
NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted...
Critical | Unreviewed | CVE-2021-33592 was published May 24, 2022
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in...
Critical | Unreviewed | CVE-2021-1965 was published May 24, 2022
Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021...
Critical | Unreviewed | CVE-2021-25436 was published May 24, 2022
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021...
Critical | Unreviewed | CVE-2021-25435 was published May 24, 2022
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021...
Critical | Unreviewed | CVE-2021-25434 was published May 24, 2022
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of...
Critical | Unreviewed | CVE-2021-22345 was published May 24, 2022
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command....
Critical | Unreviewed | CVE-2020-7871 was published May 24, 2022
In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP...
Critical | Unreviewed | CVE-2021-34427 was published May 24, 2022
SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer...
Critical | Unreviewed | CVE-2021-27388 was published May 24, 2022
An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in...
Critical | Unreviewed | CVE-2021-25384 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in...
Critical | Unreviewed | CVE-2021-22767 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in...
Critical | Unreviewed | CVE-2021-22765 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in...
Critical | Unreviewed | CVE-2021-22768 was published May 24, 2022
In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject...
Critical | Unreviewed | CVE-2021-23853 was published May 24, 2022
An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that...
Critical | Unreviewed | CVE-2021-22911 was published May 24, 2022
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input...
Critical | Unreviewed | CVE-2021-21985 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.