Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

975 advisories

Loading
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a... Critical Unreviewed
CVE-2006-0062 was published Apr 21, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0993 was published Apr 20, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0992 was published Apr 20, 2022
The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry... Moderate Unreviewed
CVE-2022-0140 was published Apr 13, 2022
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging.... Moderate Unreviewed
CVE-2022-0878 was published Apr 13, 2022
Unauthenticated user can list hidden document from multiple velocity templates in XWiki Moderate
CVE-2022-24820 was published for org.xwiki.platform:xwiki-platform-web (Maven) Apr 8, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing... High Unreviewed
CVE-2020-27376 was published Apr 8, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for... Critical Unreviewed
CVE-2021-33008 was published Apr 5, 2022
Sensitive information can be obtained through the handling of serialized data. The issue results... Moderate Unreviewed
CVE-2020-14479 was published Apr 3, 2022
The software does not perform any authentication for critical system functionality. Moderate Unreviewed
CVE-2022-0922 was published Apr 3, 2022
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not... Moderate Unreviewed
CVE-2021-46006 was published Apr 1, 2022
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without... Critical Unreviewed
CVE-2021-46009 was published Apr 1, 2022
totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an... High Unreviewed
CVE-2022-25008 was published Apr 1, 2022
Missing Authentication for Critical Function in Foreman Ansible High
CVE-2021-3589 was published for foreman_ansible (RubyGems) Mar 24, 2022
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... Critical Unreviewed
CVE-2021-44259 was published Mar 18, 2022
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which... High Unreviewed
CVE-2021-44262 was published Mar 18, 2022
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13,... Moderate Unreviewed
CVE-2021-44261 was published Mar 18, 2022
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... High Unreviewed
CVE-2021-44260 was published Mar 18, 2022
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed
CVE-2022-26501 was published Mar 18, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an... Critical Unreviewed
CVE-2022-25247 was published Mar 17, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Critical Unreviewed
CVE-2022-25251 was published Mar 17, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed
CVE-2022-25250 was published Mar 17, 2022
Improper Authentication in FreeTAKServer High
CVE-2022-25508 was published for FreeTAKServer (pip) Mar 12, 2022
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune... High Unreviewed
CVE-2021-33658 was published Mar 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database