GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
674 advisories
Filter by severity
An improper input validation leading to arbitrary file creation was discovered in copy method of...
Critical
Unreviewed
CVE-2021-26612
was published
Dec 1, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in...
Critical
Unreviewed
CVE-2021-43033
was published
Dec 7, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation...
Critical
Unreviewed
CVE-2021-37084
was published
Dec 8, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation...
Critical
Unreviewed
CVE-2021-37079
was published
Dec 8, 2021
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation...
Critical
Unreviewed
CVE-2021-37020
was published
Dec 8, 2021
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation...
Critical
Unreviewed
CVE-2021-37021
was published
Dec 8, 2021
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of...
Critical
Unreviewed
CVE-2021-37041
was published
Dec 8, 2021
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of...
Critical
Unreviewed
CVE-2021-37042
was published
Dec 8, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute...
Critical
Unreviewed
CVE-2021-39065
was published
Dec 14, 2021
Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data.
Critical
Unreviewed
CVE-2021-41844
was published
Dec 16, 2021
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of...
Critical
Unreviewed
CVE-2021-37116
was published
Jan 4, 2022
Serv-U web login screen was allowing characters that were not sanitized by the authentication...
Critical
Unreviewed
CVE-2021-35247
was published
Jan 11, 2022
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which...
Critical
Unreviewed
CVE-2021-44734
was published
Jan 21, 2022
There is a vulnerability of unstrict input parameter verification in the audio assembly...
Critical
Unreviewed
CVE-2021-39997
was published
Feb 11, 2022
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to...
Critical
Unreviewed
CVE-2022-23425
was published
Feb 12, 2022
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript...
Critical
Unreviewed
CVE-2021-3781
was published
Feb 17, 2022
An improper input validation leading to arbitrary file creation was discovered in ToWord of...
Critical
Unreviewed
CVE-2021-26618
was published
Feb 19, 2022
This issues due to insufficient verification of the various input values from user’s input. The...
Critical
Unreviewed
CVE-2021-26617
was published
Feb 26, 2022
An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7...
Critical
Unreviewed
CVE-2021-32586
was published
Mar 2, 2022
In certain situations it is possible for an unmanaged rule to exist on the target system that has...
Critical
Unreviewed
CVE-2022-0675
was published
Mar 3, 2022
SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a...
Critical
Unreviewed
CVE-2022-26100
was published
Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code...
Critical
Unreviewed
CVE-2021-42786
was published
Mar 11, 2022
CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2022-25498
was published
Mar 16, 2022
In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote...
Critical
Unreviewed
CVE-2022-27228
was published
Mar 23, 2022
ProTip!
Advisories are also available from the
GraphQL API