Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,559 advisories

Loading
In snoozeNotification of NotificationListenerService.java, there is a possible permission... High Unreviewed
CVE-2021-1019 was published Dec 16, 2021
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a... High Unreviewed
CVE-2021-1027 was published Dec 16, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of... Moderate Unreviewed
CVE-2021-39643 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A Critical Unreviewed
CVE-2021-39641 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A Critical Unreviewed
CVE-2021-39644 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A Critical Unreviewed
CVE-2021-39645 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A Critical Unreviewed
CVE-2021-39655 was published Dec 16, 2021
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing... High Unreviewed
CVE-2021-39653 was published Dec 16, 2021
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers... High Unreviewed
CVE-2021-3376 was published Dec 15, 2021
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when... High Unreviewed
CVE-2021-38950 was published Dec 15, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14... Moderate Unreviewed
CVE-2021-39931 was published Dec 14, 2021
A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all... High Unreviewed
CVE-2021-39937 was published Dec 14, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14... High Unreviewed
CVE-2021-39944 was published Dec 14, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed
CVE-2021-38926 was published Dec 10, 2021
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below... High Unreviewed
CVE-2021-26110 was published Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021... Low Unreviewed
CVE-2021-25513 was published Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed
CVE-2021-25515 was published Dec 9, 2021
Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows... Moderate Unreviewed
CVE-2021-25526 was published Dec 9, 2021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may... High Unreviewed
CVE-2021-41021 was published Dec 9, 2021
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution... Moderate Unreviewed
CVE-2021-43528 was published Dec 9, 2021
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed
CVE-2021-42128 was published Dec 8, 2021
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-37091 was published Dec 8, 2021
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not... Critical Unreviewed
CVE-2021-38759 was published Dec 8, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file... High Unreviewed
CVE-2021-43034 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged... High Unreviewed
CVE-2021-43040 was published Dec 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database