GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,198
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,702
NuGet: 660
pip: 3,328
Pub: 11
RubyGems: 883
Rust: 843
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
673 advisories
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent...
Critical | Unreviewed | CVE-2021-43267 was published May 24, 2022

An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker...
Critical | Unreviewed | CVE-2021-26607 was published May 24, 2022

Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource...
Critical | Unreviewed | CVE-2020-18683 was published May 24, 2022

Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource...
Critical | Unreviewed | CVE-2020-18685 was published May 24, 2022

The network address administrative settings web portal for the Zoom on-premise Meeting Connector...
Critical | Unreviewed | CVE-2021-34416 was published May 24, 2022

A command injection vulnerability in the web server of some Hikvision product. Due to the...
Critical | Unreviewed | CVE-2021-36260 was published May 24, 2022

An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021...
Critical | Unreviewed | CVE-2021-25449 was published May 24, 2022

A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary...
Critical | Unreviewed | CVE-2020-24672 was published May 24, 2022

A vulnerability (improper input validation) in the ExECM CoreB2B solution allows an...
Critical | Unreviewed | CVE-2020-7865 was published May 24, 2022

A vulnerability (improper input validation) in the DEXT5 Upload solution allows an...
Critical | Unreviewed | CVE-2020-7832 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36025 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36035 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36034 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36041 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36042 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical | Unreviewed | CVE-2021-36040 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper...
Critical | Unreviewed | CVE-2021-37417 was published May 24, 2022

A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W,...
Critical | Unreviewed | CVE-2021-34730 was published May 24, 2022

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS,...
Critical | Unreviewed | CVE-2021-22931 was published May 24, 2022

In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted...
Critical | Unreviewed | CVE-2021-33199 was published May 24, 2022

A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command...
Critical | Unreviewed | CVE-2021-26606 was published May 24, 2022

An improper input validation vulnerability in the service of ezPDFReader allows attacker to...
Critical | Unreviewed | CVE-2021-26605 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W,...
Critical | Unreviewed | CVE-2021-1602 was published May 24, 2022

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22444 was published May 24, 2022

When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be...
Critical | Unreviewed | CVE-2020-7866 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.