Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,128 advisories

Loading
Improper Input Validation and Command Injection in Ansible High
CVE-2021-3583 was published for ansible (pip) Sep 23, 2021
Infinite loop in Tomcat due to parsing error High
CVE-2021-41079 was published for org.apache.tomcat:tomcat (Maven) Sep 20, 2021
Improper Input Validation in Firefly III Low
CVE-2019-14671 was published for grumpydictator/firefly-iii (Composer) Sep 8, 2021
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Imporoper path validation in elFinder.NetCore Critical
CVE-2021-23427 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Parse Server crashes with query parameter High
CVE-2021-39187 was published for parse-server (npm) Sep 2, 2021
mstniy
Credited to mstniy
Transaction validity oversight in pallet-ethereum Moderate
CVE-2021-39193 was published for pallet-ethereum (Rust) Sep 1, 2021
Data Flow Sanitation Issue Fix High
CVE-2021-32759 was published for openmage/magento-lts (Composer) Aug 30, 2021
Manipulation of product reviews via API Moderate
CVE-2021-37707 was published for shopware/core (Composer) Aug 30, 2021
Unexpected panic when decoding tokens in branca Moderate
CVE-2020-35918 was published for branca (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Unexpected panic in multihash High
CVE-2020-35909 was published for multihash (Rust) Aug 25, 2021
Improper Input Validation in renderdoc Critical
CVE-2019-16142 was published for renderdoc (Rust) Aug 25, 2021
Improper Input Validation in once_cell High
CVE-2019-16141 was published for once_cell (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Improper Input Validation in cookie High
CVE-2017-18589 was published for cookie (Rust) Aug 25, 2021
Incomplete validation in `QuantizeV2` High
CVE-2021-37663 was published for tensorflow (pip) Aug 25, 2021
Incomplete validation in MKL requantization High
CVE-2021-37665 was published for tensorflow (pip) Aug 25, 2021
`CHECK`-fail in `MapStage` Moderate
CVE-2021-37673 was published for tensorflow (pip) Aug 25, 2021
Incomplete validation in `MaxPoolGrad` Moderate
CVE-2021-37674 was published for tensorflow (pip) Aug 25, 2021
Missing validation in shape inference for `Dequantize` Moderate
CVE-2021-37677 was published for tensorflow (pip) Aug 25, 2021
Segfault on strings tensors with mistmatched dimensions, due to Go code Moderate
CVE-2021-37692 was published for tensorflow (pip) Aug 25, 2021
Workflow re-write vulnerability using input parameter Moderate
CVE-2021-37914 was published for github.com/argoproj/argo-workflows/v3 (Go) Aug 9, 2021
Improper Input Validation in Centreon Web High
CVE-2019-16405 was published for centreon/centreon (Composer) Jul 28, 2021
Arbitrary Command Injection Critical
CVE-2021-23399 was published for wincred (npm) Jun 29, 2021
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 Moderate
CVE-2021-31412 was published for com.vaadin:vaadin-bom (Maven) Jun 28, 2021
Improper input validation in CNCF Cortex Moderate
CVE-2021-31232 was published for github.com/cortexproject/cortex (Go) Jun 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database