Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

230 advisories

Loading
Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar... High Unreviewed
CVE-2020-27969 was published May 24, 2022
Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a... Moderate Unreviewed
CVE-2021-30596 was published May 24, 2022
In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. High Unreviewed
CVE-2021-39270 was published May 24, 2022
Origin Validation Error in Apache NiFi High
CVE-2017-7667 was published for org.apache.nifi:nifi (Maven) May 17, 2022
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed High Unreviewed
CVE-2022-29818 was published Apr 29, 2022
Remote code execution in Eclipse Theia High
CVE-2021-34435 was published for @theia/mini-browser (npm) Sep 2, 2021
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed... Moderate Unreviewed
CVE-2021-21211 was published May 24, 2022
The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server ... High Unreviewed
CVE-2021-31718 was published May 24, 2022
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21209 was published May 24, 2022
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate... Moderate Unreviewed
CVE-2020-15734 was published May 24, 2022
A malicious extension with the 'search' permission could have installed a new search engine whose... Moderate Unreviewed
CVE-2021-23986 was published May 24, 2022
Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a... Moderate Unreviewed
CVE-2021-21229 was published May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused... High Unreviewed
CVE-2020-4881 was published May 24, 2022
An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS... Moderate Unreviewed
CVE-2021-28048 was published May 24, 2022
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed
CVE-2021-21184 was published May 24, 2022
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed... Moderate Unreviewed
CVE-2021-21163 was published May 24, 2022
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72... Moderate Unreviewed
CVE-2021-21164 was published May 24, 2022
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed
CVE-2021-21175 was published May 24, 2022
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the... High Unreviewed
CVE-2020-35556 was published May 24, 2022
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the... High Unreviewed
CVE-2020-6881 was published May 24, 2022
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus... Moderate Unreviewed
CVE-2020-15733 was published May 24, 2022
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96... Moderate Unreviewed
CVE-2021-21136 was published May 24, 2022
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a... Moderate Unreviewed
CVE-2021-21135 was published May 24, 2022
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed
CVE-2021-21183 was published May 24, 2022
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write... High Unreviewed
CVE-2021-27197 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database