Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,367
Maven
5,000+
npm
3,986
NuGet
720
pip
3,778
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,946 advisories

Loading
Parse Server crashes with query parameter High
CVE-2021-39187 was published for parse-server (npm) Sep 2, 2021
mstniy
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Infinite loop in Tomcat due to parsing error High
CVE-2021-41079 was published for org.apache.tomcat:tomcat (Maven) Sep 20, 2021
Improper Input Validation and Command Injection in Ansible High
CVE-2021-3583 was published for ansible (pip) Sep 23, 2021
Policies not properly enforced in bluemonday High
CVE-2021-42576 was published for github.com/microcosm-cc/bluemonday (Go) Oct 19, 2021
Files or Directories Accessible to External Parties in kubernetes High
CVE-2021-25741 was published for k8s.io/kubernetes (Go) Nov 1, 2021
Arbitrary filepath traversal via URI injection High
CVE-2021-3907 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
NUL character in ROA causes OctoRPKI to crash High
CVE-2021-3910 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
Improper Input Validation in pip High
CVE-2021-3572 was published for pip (pip) Nov 15, 2021
Improper Input Validation in fruity High
CVE-2021-43620 was published for fruity (Rust) Nov 16, 2021
A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an... High Unreviewed
CVE-2020-12961 was published Nov 17, 2021
Adobe Prelude version 10.1 (and earlier) is affected by an improper input validation... High Unreviewed
CVE-2021-42733 was published Nov 23, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37025 was published Nov 24, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37026 was published Nov 24, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37019 was published Nov 24, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37017 was published Nov 24, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37004 was published Nov 24, 2021
Improper Input Validation vulnerability in the APDU parser in the Bidirectional Communication... High Unreviewed
CVE-2021-35533 was published Nov 27, 2021
The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This... High Unreviewed
CVE-2020-7880 was published Dec 1, 2021
Improper Input Validation vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions "24"... High Unreviewed
CVE-2021-20611 was published Dec 2, 2021
Unexpected server crash in Next.js. High
CVE-2021-43803 was published for next (npm) Dec 7, 2021
medikoo
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37096 was published Dec 8, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37094 was published Dec 8, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37081 was published Dec 8, 2021
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37060 was published Dec 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database