GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
110,828 advisories
Filter by severity
Incorrect Calculation and Use of Insufficiently Random Values in Python
Moderate
Unreviewed
CVE-2020-14422
was published
May 11, 2021
Sensitive Data Exposure in Openshift Container Platform
Moderate
Unreviewed
CVE-2019-10213
was published
May 17, 2021
Information Disclosure in OpenShift Container Platform
Moderate
Unreviewed
CVE-2020-10712
was published
May 25, 2021
Out-of-bounds Read and Missing Release of Memory after Effective Lifetime in tar
Moderate
Unreviewed
CVE-2021-20193
was published
May 27, 2021
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability...
Moderate
Unreviewed
CVE-2021-29861
was published
Nov 17, 2021
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.
Moderate
Unreviewed
CVE-2021-43977
was published
Nov 17, 2021
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of...
Moderate
Unreviewed
CVE-2021-26327
was published
Nov 17, 2021
PSP protection against improperly configured side channels may lead to potential information...
Moderate
Unreviewed
CVE-2021-26312
was published
Nov 17, 2021
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to...
Moderate
Unreviewed
CVE-2020-12904
was published
Nov 17, 2021
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a...
Moderate
Unreviewed
CVE-2021-0158
was published
Nov 18, 2021
Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle...
Moderate
Unreviewed
CVE-2021-23155
was published
Nov 19, 2021
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference...
Moderate
Unreviewed
CVE-2021-40756
was published
Nov 19, 2021
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters...
Moderate
Unreviewed
CVE-2021-27026
was published
Nov 19, 2021
It was discovered that on Windows operating systems specifically, Kibana was not validating a...
Moderate
Unreviewed
CVE-2021-37938
was published
Nov 19, 2021
In edma driver, there is a possible memory corruption due to a use after free. This could lead to...
Moderate
Unreviewed
CVE-2021-0656
was published
Nov 19, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could...
Moderate
Unreviewed
CVE-2021-0666
was published
Nov 19, 2021
In apusys, there is a possible memory corruption due to a use after free. This could lead to...
Moderate
Unreviewed
CVE-2021-0667
was published
Nov 19, 2021
In ccu, there is a possible memory corruption due to a use after free. This could lead to local...
Moderate
Unreviewed
CVE-2021-0664
was published
Nov 19, 2021
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows...
Moderate
Unreviewed
CVE-2021-35535
was published
Nov 19, 2021
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This...
Moderate
Unreviewed
CVE-2021-0619
was published
Nov 19, 2021
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate
Unreviewed
CVE-2021-0658
was published
Nov 19, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could...
Moderate
Unreviewed
CVE-2021-0665
was published
Nov 19, 2021
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This...
Moderate
Unreviewed
CVE-2021-0620
was published
Nov 19, 2021
ProTip!
Advisories are also available from the
GraphQL API