GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,270 advisories
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
High | Unreviewed | CVE-2021-3967 was published Feb 28, 2022

In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual...
High | Unreviewed | CVE-2022-25640 was published Feb 25, 2022

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos...
High | Unreviewed | CVE-2020-25719 was published Feb 19, 2022

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to...
High | Unreviewed | CVE-2022-24985 was published Feb 17, 2022

Improper Authentication in Apache Guacamole
High | Unreviewed | CVE-2021-43999 was published Feb 15, 2022

An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass...
High | Unreviewed | CVE-2021-45347 was published Feb 15, 2022

StarWind SAN and NAS before 0.2 build 1685 allows users to reset other users' passwords.
High | Unreviewed | CVE-2022-24551 was published Feb 12, 2022

Improper validation of program headers containing ELF metadata can lead to image verification...
High | Unreviewed | CVE-2021-30317 was published Feb 12, 2022

A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution...
High | Unreviewed | CVE-2021-22796 was published Feb 12, 2022

A denial of service vulnerability exists in the SeaMax remote configuration functionality of...
High | Unreviewed | CVE-2021-21965 was published Feb 10, 2022

A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel...
High | Unreviewed | CVE-2021-21964 was published Feb 10, 2022

An authenticated and authorized agent user could potentially gain administrative access via an...
High | Unreviewed | CVE-2022-0366 was published Feb 8, 2022

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication...
High | Unreviewed | CVE-2021-45735 was published Feb 5, 2022

This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High | Unreviewed | CVE-2021-34865 was published Jan 26, 2022

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute...
High | Unreviewed | CVE-2022-23220 was published Jan 22, 2022

SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers...
High | Unreviewed | CVE-2021-38696 was published Jan 19, 2022

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue,...
High | Unreviewed | CVE-2021-25036 was published Jan 18, 2022

A limited authentication bypass vulnerability was discovered that could allow an attacker to...
High | Unreviewed | CVE-2022-22990 was published Jan 14, 2022

This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High | Unreviewed | CVE-2021-34977 was published Jan 14, 2022

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART...
High | Unreviewed | CVE-2021-23147 was published Dec 31, 2021

An improper authentication vulnerability has been reported to affect Android App Qfile. If...
High | Unreviewed | CVE-2021-38688 was published Dec 30, 2021

Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3...
High | Unreviewed | CVE-2021-45499 was published Dec 27, 2021

Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3...
High | Unreviewed | CVE-2021-45500 was published Dec 27, 2021

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45502 was published Dec 27, 2021

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45503 was published Dec 27, 2021

ProTip! Advisories are also available from the GraphQL API.