GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,040
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,894 advisories
Filter by severity
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)...
High
Unreviewed
CVE-2021-33118
was published
Nov 18, 2021
Insufficient security control vulnerability in internal database access mechanism of Hitachi...
High
Unreviewed
CVE-2021-35534
was published
Nov 19, 2021
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ...
High
Unreviewed
CVE-2021-20835
was published
Nov 25, 2021
The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which...
Moderate
Unreviewed
CVE-2021-24842
was published
Nov 30, 2021
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control...
High
Unreviewed
CVE-2021-43771
was published
Dec 1, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
High
Unreviewed
CVE-2021-20864
was published
Dec 2, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
Moderate
Unreviewed
CVE-2021-20862
was published
Dec 2, 2021
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login...
High
Unreviewed
CVE-2021-24917
was published
Dec 7, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of...
High
Unreviewed
CVE-2021-37038
was published
Dec 8, 2021
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42126
was published
Dec 8, 2021
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42124
was published
Dec 8, 2021
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to...
Critical
Unreviewed
CVE-2021-38503
was published
Dec 9, 2021
An improper access control vulnerability [CWE-284] in FortiWeb versions 6.4.1 and below and 6.3...
Moderate
Unreviewed
CVE-2021-41013
was published
Dec 9, 2021
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an...
High
Unreviewed
CVE-2021-42758
was published
Dec 9, 2021
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin...
Critical
Unreviewed
CVE-2021-43703
was published
Dec 10, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
High
Unreviewed
CVE-2021-29678
was published
Dec 10, 2021
An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6...
Moderate
Unreviewed
CVE-2021-36167
was published
Dec 10, 2021
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has...
High
Unreviewed
CVE-2021-41805
was published
Dec 13, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the...
Critical
Unreviewed
CVE-2021-39052
was published
Dec 14, 2021
Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before...
Moderate
Unreviewed
CVE-2021-39945
was published
Dec 14, 2021
Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6,...
Moderate
Unreviewed
CVE-2021-39936
was published
Dec 14, 2021
Improper access control allows any project member to retrieve the service desk email address in...
Moderate
Unreviewed
CVE-2021-39934
was published
Dec 14, 2021
Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4,...
Moderate
Unreviewed
CVE-2021-39930
was published
Dec 14, 2021
Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all...
Moderate
Unreviewed
CVE-2021-39918
was published
Dec 14, 2021
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows...
Moderate
Unreviewed
CVE-2021-36169
was published
Dec 14, 2021
ProTip!
Advisories are also available from the
GraphQL API