GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,337 advisories
Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0...
Moderate | Unreviewed | CVE-2021-30583 was published May 24, 2022

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107...
Moderate | Unreviewed | CVE-2021-30580 was published May 24, 2022

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could...
Moderate | Unreviewed | CVE-2021-20539 was published May 24, 2022

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could...
Moderate | Unreviewed | CVE-2021-20540 was published May 24, 2022

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could...
Moderate | Unreviewed | CVE-2021-20541 was published May 24, 2022

There is a logic error vulnerability in several smartphones. The software does not properly...
Moderate | Unreviewed | CVE-2021-22398 was published May 24, 2022

Agents are able to list appointments in the calendars without required permissions. This issue...
Moderate | Unreviewed | CVE-2021-36091 was published May 24, 2022

Windows Hello Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2021-34466 was published May 24, 2022

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
Moderate | Unreviewed | CVE-2021-33718 was published May 24, 2022

Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single...
Moderate | Unreviewed | CVE-2021-22515 was published May 24, 2022

Xen Orchestra Mishandles Authorization
Moderate | CVE-2021-36383 was published for xo-server (npm) May 24, 2022

Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL...
Moderate | Unreviewed | CVE-2021-25433 was published May 24, 2022

Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3...
Moderate | Unreviewed | CVE-2021-25431 was published May 24, 2022

Improper authorization in handler for custom URL scheme vulnerability in GU App for Android...
Moderate | Unreviewed | CVE-2021-20777 was published May 24, 2022

A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress...
Moderate | Unreviewed | CVE-2021-34627 was published May 24, 2022

A vulnerability in the deleteCustomType function of the WP Upload Restriction WordPress plugin...
Moderate | Unreviewed | CVE-2021-34626 was published May 24, 2022

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check...
Moderate | Unreviewed | CVE-2021-24405 was published May 24, 2022

IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the...
Moderate | Unreviewed | CVE-2021-20461 was published May 24, 2022

Improper permission checks allow canceling queue items and aborting builds in Jenkins
Moderate | CVE-2021-21670 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8...
Moderate | Unreviewed | CVE-2021-29751 was published May 24, 2022

When styling and rendering an oversized `<select>` element, Firefox did not apply correct...
Moderate | Unreviewed | CVE-2021-29961 was published May 24, 2022

An information disclosure vulnerability was discovered in the directory and file management of...
Moderate | Unreviewed | CVE-2021-25652 was published May 24, 2022

The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted...
Moderate | Unreviewed | CVE-2021-24379 was published May 24, 2022

An issue was discovered in Cleo LexiCom 5.5.0.0. The requirement for the sender of an AS2 message...
Moderate | Unreviewed | CVE-2021-33577 was published May 24, 2022

An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows...
Moderate | Unreviewed | CVE-2021-25397 was published May 24, 2022