GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,846 advisories

Filter by severity

Sort by

Least recently updated

Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)... High Unreviewed

CVE-2021-33118 was published Nov 18, 2021

Insufficient security control vulnerability in internal database access mechanism of Hitachi... High Unreviewed

CVE-2021-35534 was published Nov 19, 2021

Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ... High Unreviewed

CVE-2021-20835 was published Nov 25, 2021

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which... Moderate Unreviewed

CVE-2021-24842 was published Nov 30, 2021

Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control... High Unreviewed

CVE-2021-43771 was published Dec 1, 2021

Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... High Unreviewed

CVE-2021-20864 was published Dec 2, 2021

Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... Moderate Unreviewed

CVE-2021-20862 was published Dec 2, 2021

The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login... High Unreviewed

CVE-2021-24917 was published Dec 7, 2021

There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed

CVE-2021-37038 was published Dec 8, 2021

An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed

CVE-2021-42126 was published Dec 8, 2021

An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed

CVE-2021-42124 was published Dec 8, 2021

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to... Critical Unreviewed

CVE-2021-38503 was published Dec 9, 2021

An improper access control vulnerability [CWE-284] in FortiWeb versions 6.4.1 and below and 6.3... Moderate Unreviewed

CVE-2021-41013 was published Dec 9, 2021

An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an... High Unreviewed

CVE-2021-42758 was published Dec 9, 2021

An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin... Critical Unreviewed

CVE-2021-43703 was published Dec 10, 2021

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... High Unreviewed

CVE-2021-29678 was published Dec 10, 2021

An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6... Moderate Unreviewed

CVE-2021-36167 was published Dec 10, 2021

HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has... High Unreviewed

CVE-2021-41805 was published Dec 13, 2021

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the... Critical Unreviewed

CVE-2021-39052 was published Dec 14, 2021

Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before... Moderate Unreviewed

CVE-2021-39945 was published Dec 14, 2021

Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6,... Moderate Unreviewed

CVE-2021-39936 was published Dec 14, 2021

Improper access control allows any project member to retrieve the service desk email address in... Moderate Unreviewed

CVE-2021-39934 was published Dec 14, 2021

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4,... Moderate Unreviewed

CVE-2021-39930 was published Dec 14, 2021

Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all... Moderate Unreviewed

CVE-2021-39918 was published Dec 14, 2021

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows... Moderate Unreviewed

CVE-2021-36169 was published Dec 14, 2021

Previous 1 2 3 4 5 … 73 74 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,846 advisories