Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,791
Erlang
36
GitHub Actions
29
Go
2,373
Maven
5,000+
npm
3,998
NuGet
720
pip
3,801
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22,820 advisories

Loading
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution. Critical Unreviewed
CVE-2021-42099 was published Dec 1, 2021
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It... Critical Unreviewed
CVE-2020-7879 was published Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41678 was published Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41679 was published Dec 1, 2021
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases. Critical Unreviewed
CVE-2021-43202 was published Dec 1, 2021
An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase®... Critical Unreviewed
CVE-2021-42545 was published Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41677 was published Dec 1, 2021
Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase®... Critical Unreviewed
CVE-2021-42115 was published Dec 1, 2021
Missing Rate Limiting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase®... Critical Unreviewed
CVE-2021-42544 was published Dec 1, 2021
# Vulnerability in `title` function **Description**: the `title` function defined in `lib... Critical Unreviewed
CVE-2021-3726 was published Dec 1, 2021
# Vulnerability in `rand-quote` and `hitokoto` plugins **Description**: the `rand-quote` and ... Critical Unreviewed
CVE-2021-3727 was published Dec 1, 2021
# Vulnerability in `pygmalion`, `pygmalion-virtualenv` and `refined` themes **Description**:... Critical Unreviewed
CVE-2021-3769 was published Dec 1, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33274 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33269 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33267 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33268 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33270 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33266 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33271 was published Dec 2, 2021
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... Critical Unreviewed
CVE-2021-33265 was published Dec 2, 2021
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. Critical Unreviewed
CVE-2021-38575 was published Dec 2, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the... Critical Unreviewed
CVE-2021-43451 was published Dec 2, 2021
libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in /blob/master... Critical Unreviewed
CVE-2021-43685 was published Dec 2, 2021
The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs... Critical Unreviewed
CVE-2021-26334 was published Dec 2, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin... Critical Unreviewed
CVE-2021-44280 was published Dec 2, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database