Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

789 advisories

Loading
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible... Critical Unreviewed
CVE-2021-27451 was published Dec 22, 2021
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated... Critical Unreviewed
CVE-2021-44675 was published Dec 21, 2021
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass... Critical Unreviewed
CVE-2021-22057 was published Dec 21, 2021
The impacted products, when configured to use SSO, are affected by an improper authentication... Critical Unreviewed
CVE-2021-43935 was published Dec 16, 2021
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated... Critical Unreviewed
CVE-2021-44524 was published Dec 15, 2021
glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php. Critical Unreviewed
CVE-2021-44949 was published Dec 15, 2021
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as... Critical Unreviewed
CVE-2021-4073 was published Dec 15, 2021
An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not... Critical Unreviewed
CVE-2021-44152 was published Dec 14, 2021
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code... Critical Unreviewed
CVE-2021-44515 was published Dec 13, 2021
ManageEngine's OpUtils 12.5.556 and prior allow access to a few audit directories without... Critical Unreviewed
CVE-2021-44514 was published Dec 10, 2021
Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable... Critical Unreviewed
CVE-2021-41716 was published Dec 8, 2021
The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be... Critical Unreviewed
CVE-2021-43931 was published Dec 7, 2021
It was possible to bypass 2FA for LDAP users and access some specific pages with Basic... Critical Unreviewed
CVE-2021-39890 was published Dec 7, 2021
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database