GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,231
Erlang: 31
GitHub Actions: 20
Go: 1,991
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,341
Pub: 11
RubyGems: 884
Rust: 846
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
1,419 advisories
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access...
High | Unreviewed | CVE-2020-15078 was published May 24, 2022

Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 allows remote attackers to...
High | Unreviewed | CVE-2008-4649 was published May 17, 2022

There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful...
High | Unreviewed | CVE-2022-22259 was published Jun 14, 2022

CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals...
High | Unreviewed | CVE-2021-37151 was published May 24, 2022

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field,...
High | Unreviewed | CVE-2021-41314 was published May 24, 2022

ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.
High | Unreviewed | CVE-2021-37741 was published May 24, 2022

In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker...
High | Unreviewed | CVE-2021-37254 was published May 24, 2022

Improper verification of timeout-based authentication in identity credential can lead to invalid...
High | Unreviewed | CVE-2021-35094 was published Jun 15, 2022

An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for...
High | Unreviewed | CVE-2021-43563 was published May 24, 2022

Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26...
High | Unreviewed | CVE-2008-4722 was published May 17, 2022

Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default...
High | Unreviewed | CVE-2015-6397 was published May 17, 2022

MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed) and MaLion for Mac...
High | Unreviewed | CVE-2017-10815 was published May 17, 2022

Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for...
High | Unreviewed | CVE-2008-4689 was published May 17, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series...
High | Unreviewed | CVE-2021-1542 was published May 24, 2022

An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is...
High | Unreviewed | CVE-2018-18907 was published Jun 17, 2022

An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing...
High | Unreviewed | CVE-2022-32560 was published Jun 14, 2022

A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11...
High | Unreviewed | CVE-2022-21935 was published Jun 16, 2022

In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode...
High | Unreviewed | CVE-2022-20126 was published Jun 16, 2022

Multiple unspecified vulnerabilities in the Backup Exec remote-agent logon process in Symantec...
High | Unreviewed | CVE-2008-5407 was published May 17, 2022

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,...
High | Unreviewed | CVE-2017-8495 was published May 17, 2022

Authentication bypass vulnerability in Apple Game Center auth adapter
High | CVE-2022-31083 was published for parse-server (npm) Jun 17, 2022

The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows...
High | Unreviewed | CVE-2021-41638 was published Jun 25, 2022

A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed...
High | Unreviewed | CVE-2021-41995 was published Jul 1, 2022

A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown...
High | Unreviewed | CVE-2018-25043 was published Jun 18, 2022

** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard...
High | Unreviewed | CVE-2022-32276 was published Jun 18, 2022

ProTip! Advisories are also available from the GraphQL API.