Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

5,115 advisories

Loading
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42121 was published Dec 1, 2021
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42122 was published Dec 1, 2021
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this... Moderate Unreviewed
CVE-2021-37039 was published Dec 9, 2021
When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual... Moderate Unreviewed
CVE-2021-42068 was published Dec 15, 2021
When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted... Moderate Unreviewed
CVE-2021-42069 was published Dec 15, 2021
When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in... Moderate Unreviewed
CVE-2021-42070 was published Dec 15, 2021
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-42320. Moderate Unreviewed
CVE-2021-43242 was published Dec 16, 2021
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command... Moderate Unreviewed
CVE-2021-20330 was published Dec 16, 2021
YetiForceCRM is vulnerable to Business Logic Errors in the weight of a product Moderate
CVE-2021-4117 was published for yetiforce/yetiforce-crm (Composer) Dec 16, 2021
Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which... Moderate Unreviewed
CVE-2021-37863 was published Dec 18, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could... Moderate Unreviewed
CVE-2021-0902 was published Dec 18, 2021
In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could... Moderate Unreviewed
CVE-2021-0900 was published Dec 18, 2021
In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This... Moderate Unreviewed
CVE-2021-0674 was published Dec 18, 2021
Denial of Service in OpenShift Origin Moderate
CVE-2015-5250 was published for github.com/openshift/origin (Go) Dec 20, 2021
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a... Moderate Unreviewed
CVE-2021-4068 was published Dec 24, 2021
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote... Moderate Unreviewed
CVE-2021-4059 was published Dec 24, 2021
Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does... Moderate Unreviewed
CVE-2021-43548 was published Dec 28, 2021
Improper input validation in TrustZone memory transfer interface can lead to information... Moderate Unreviewed
CVE-2021-30278 was published Jan 4, 2022
Improper Input Validation and Injection in Apache Log4j2 Moderate
CVE-2021-44832 was published for org.apache.logging.log4j:log4j-core (Maven) Jan 4, 2022
ppkarwasz
In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check.... Moderate Unreviewed
CVE-2022-20019 was published Jan 5, 2022
In vow driver, there is a possible memory corruption due to improper input validation. This could... Moderate Unreviewed
CVE-2022-20014 was published Jan 5, 2022
In wifi driver, there is a possible system crash due to a missing validation check. This could... Moderate Unreviewed
CVE-2021-41789 was published Jan 5, 2022
Improper Validation and Sanitization in url-parse Moderate
CVE-2020-8124 was published for url-parse (npm) Jan 6, 2022
A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1... Moderate Unreviewed
CVE-2022-22271 was published Jan 11, 2022
Logic error in dolibarr Moderate
CVE-2022-0174 was published for dolibarr/dolibarr (Composer) Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database