Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,117 advisories

Loading
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-43883 was published Dec 16, 2021
Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-43893 was published Dec 16, 2021
In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a... High Unreviewed
CVE-2021-0434 was published Dec 16, 2021
In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction... High Unreviewed
CVE-2021-0769 was published Dec 16, 2021
In ActivityThread.java, there is a possible way to collide the content provider's authorities.... High Unreviewed
CVE-2021-0799 was published Dec 16, 2021
In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run... High Unreviewed
CVE-2021-0981 was published Dec 16, 2021
In onNullBinding of ManagedServices.java, there is a possible permission bypass due to an... High Unreviewed
CVE-2021-0984 was published Dec 16, 2021
In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app... Low Unreviewed
CVE-2021-0992 was published Dec 16, 2021
In snoozeNotification of NotificationListenerService.java, there is a possible permission... High Unreviewed
CVE-2021-1019 was published Dec 16, 2021
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a... High Unreviewed
CVE-2021-1027 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A Critical Unreviewed
CVE-2021-39641 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A Critical Unreviewed
CVE-2021-39644 was published Dec 16, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of... Moderate Unreviewed
CVE-2021-39643 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A Critical Unreviewed
CVE-2021-39645 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A Critical Unreviewed
CVE-2021-39655 was published Dec 16, 2021
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing... High Unreviewed
CVE-2021-39653 was published Dec 16, 2021
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers... High Unreviewed
CVE-2021-3376 was published Dec 15, 2021
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when... High Unreviewed
CVE-2021-38950 was published Dec 15, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14... Moderate Unreviewed
CVE-2021-39931 was published Dec 14, 2021
A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all... High Unreviewed
CVE-2021-39937 was published Dec 14, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14... High Unreviewed
CVE-2021-39944 was published Dec 14, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed
CVE-2021-38926 was published Dec 10, 2021
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below... High Unreviewed
CVE-2021-26110 was published Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021... Low Unreviewed
CVE-2021-25513 was published Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows... Low Unreviewed
CVE-2021-25515 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database