Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,079
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,438 advisories

Loading
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2022-25915 was published Apr 1, 2022
An improper authentication vulnerability leading to information leakage was discovered in iptime... High Unreviewed
CVE-2021-26620 was published Mar 26, 2022
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired... High Unreviewed
CVE-2022-1049 was published Mar 26, 2022
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an... High Unreviewed
CVE-2021-44759 was published Mar 24, 2022
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used... High Unreviewed
CVE-2022-26504 was published Mar 18, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates... High Unreviewed
CVE-2021-41848 was published Mar 13, 2022
Improper Authentication in FreeTAKServer High
CVE-2022-25508 was published for FreeTAKServer (pip) Mar 12, 2022
CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate... High Unreviewed
CVE-2022-22729 was published Mar 12, 2022
otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated... High Unreviewed
CVE-2021-40376 was published Mar 11, 2022
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method... High Unreviewed
CVE-2021-44032 was published Mar 11, 2022
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local... High Unreviewed
CVE-2022-24286 was published Mar 11, 2022
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.... High Unreviewed
CVE-2022-24285 was published Mar 11, 2022
Account compromise in Evmos High
CVE-2022-24738 was published for github.com/tharsis/evmos (Go) Mar 7, 2022
colin-axner
When the device is in factory state, it can be access the shell without adb authentication... High Unreviewed
CVE-2022-23729 was published Mar 5, 2022
Improper Access Control in GitHub repository zulip/zulip prior to 4.10. High Unreviewed
CVE-2021-3967 was published Feb 28, 2022
In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual... High Unreviewed
CVE-2022-25640 was published Feb 25, 2022
Improper Authentication in Capsule Proxy High
CVE-2022-23652 was published for github.com/clastix/capsule-proxy (Go) Feb 23, 2022
enj
Unauthenticated control plane denial of service attack in Istio High
CVE-2022-23635 was published for istio.io/istio (Go) Feb 23, 2022
AdamKorcz howardjohn
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos... High Unreviewed
CVE-2020-25719 was published Feb 19, 2022
Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to... High Unreviewed
CVE-2022-24985 was published Feb 17, 2022
Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server High
CVE-2021-21403 was published for github.com/kongchuanhujiao/server (Go) Feb 15, 2022
qianjunakasumi
Access Restriction Bypass in go-ldap High
CVE-2017-14623 was published for github.com/go-ldap/ldap (Go) Feb 15, 2022
Authentication bypass by capture-replay in github.com/cosmos/ethermint High
CVE-2021-25834 was published for github.com/cosmos/ethermint (Go) Feb 15, 2022
Improper Authentication in Apache Guacamole High Unreviewed
CVE-2021-43999 was published Feb 15, 2022
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass... High Unreviewed
CVE-2021-45347 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database