GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,300
Composer 4,359
Erlang 33
GitHub Actions 22
Go 2,124
Maven 5,300
npm 3,787
NuGet 683
pip 3,467
Pub 12
RubyGems 894
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,467

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

239 advisories

Filter by severity

Sort by

Least recently updated

Through use of reportValidity() and window.open(), a plain-text validation message could have... Moderate Unreviewed

CVE-2021-38497 was published May 24, 2022

Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54... Moderate Unreviewed

CVE-2021-37966 was published May 24, 2022

Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote... Moderate Unreviewed

CVE-2021-37971 was published May 24, 2022

Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar... High Unreviewed

CVE-2020-27969 was published May 24, 2022

Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a... Moderate Unreviewed

CVE-2021-30596 was published May 24, 2022

In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. High Unreviewed

CVE-2021-39270 was published May 24, 2022

Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a... Moderate Unreviewed

CVE-2021-21229 was published May 24, 2022

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed... Moderate Unreviewed

CVE-2021-21211 was published May 24, 2022

Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed

CVE-2021-21209 was published May 24, 2022

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server ... High Unreviewed

CVE-2021-31718 was published May 24, 2022

An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS... Moderate Unreviewed

CVE-2021-28048 was published May 24, 2022

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate... Moderate Unreviewed

CVE-2020-15734 was published May 24, 2022

A malicious extension with the 'search' permission could have installed a new search engine whose... Moderate Unreviewed

CVE-2021-23986 was published May 24, 2022

Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21183 was published May 24, 2022

Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21184 was published May 24, 2022

Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21175 was published May 24, 2022

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72... Moderate Unreviewed

CVE-2021-21164 was published May 24, 2022

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed... Moderate Unreviewed

CVE-2021-21163 was published May 24, 2022

A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches... Moderate Unreviewed

CVE-2021-1231 was published May 24, 2022

An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the... High Unreviewed

CVE-2020-35556 was published May 24, 2022

DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write... High Unreviewed

CVE-2021-27197 was published May 24, 2022

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96... Moderate Unreviewed

CVE-2021-21136 was published May 24, 2022

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a... Moderate Unreviewed

CVE-2021-21135 was published May 24, 2022

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused... High Unreviewed

CVE-2020-4881 was published May 24, 2022

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the... High Unreviewed

CVE-2020-6881 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

239 advisories