GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,502

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

824 advisories

Filter by severity

Sort by

Least recently updated

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection... Moderate Unreviewed

CVE-2021-36322 was published Nov 21, 2021

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A... High Unreviewed

CVE-2021-36313 was published Nov 24, 2021

There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed

CVE-2021-37033 was published Nov 24, 2021

Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed

CVE-2021-42117 was published Dec 1, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The wguest account... High Unreviewed

CVE-2021-43038 was published Dec 7, 2021

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37040 was published Dec 9, 2021

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14... Moderate Unreviewed

CVE-2021-39910 was published Dec 14, 2021

An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the -... Critical Unreviewed

CVE-2021-44042 was published Dec 15, 2021

JFinal_cms 5.1.0 is vulnerable to regex injection that may lead to Denial of Service. High Unreviewed

CVE-2021-37262 was published Dec 17, 2021

Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could... Critical Unreviewed

CVE-2021-45092 was published Dec 17, 2021

An HTML Injection Vulnerability in iOrder 1.0 allows the remote attacker to execute Malicious... Moderate Unreviewed

CVE-2021-43441 was published Dec 21, 2021

RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely Critical Unreviewed

CVE-2021-43439 was published Dec 21, 2021

In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host... High Unreviewed

CVE-2021-43437 was published Dec 21, 2021

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted... Critical Unreviewed

CVE-2020-20601 was published Dec 24, 2021

Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58... Critical Unreviewed

CVE-2021-45658 was published Dec 27, 2021

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet... High Unreviewed

CVE-2021-4186 was published Dec 31, 2021

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file Moderate Unreviewed

CVE-2021-4183 was published Dec 31, 2021

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of... High Unreviewed

CVE-2021-4181 was published Dec 31, 2021

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service... High Unreviewed

CVE-2021-4182 was published Dec 31, 2021

SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to can lead to... Moderate Unreviewed

CVE-2021-45818 was published Dec 31, 2021

The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery... High Unreviewed

CVE-2021-24948 was published Jan 11, 2022

An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53... Critical Unreviewed

CVE-2021-44530 was published Jan 15, 2022

ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop... High Unreviewed

CVE-2021-44537 was published Jan 16, 2022

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy... High Unreviewed

CVE-2021-43269 was published Jan 21, 2022

IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote... High Unreviewed

CVE-2021-39031 was published Jan 26, 2022

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

824 advisories