Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,330
Erlang
31
GitHub Actions
21
Go
2,091
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

365 advisories

Loading
A vulnerability classified as problematic has been found in SourceCodester Book Store Management... High Unreviewed
CVE-2022-4228 was published Nov 30, 2022
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without... High Unreviewed
CVE-2022-42982 was published Nov 17, 2022
The memory management module has the logic bypass vulnerability. Successful exploitation of this... High Unreviewed
CVE-2021-46852 was published Nov 10, 2022
Password recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 with... High Unreviewed
CVE-2022-43989 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version < 2.2.0... High Unreviewed
CVE-2022-43990 was published Nov 2, 2022
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper... High Unreviewed
CVE-2022-41688 was published Nov 1, 2022
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for... High Unreviewed
CVE-2022-41644 was published Nov 1, 2022
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated... High Unreviewed
CVE-2022-41776 was published Nov 1, 2022
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin... High Unreviewed
CVE-2022-39412 was published Oct 19, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... High Unreviewed
CVE-2022-39426 was published Oct 19, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... High Unreviewed
CVE-2022-39425 was published Oct 19, 2022
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system... High Unreviewed
CVE-2020-23648 was published Oct 19, 2022
Dapr Dashboard vulnerable to Incorrect Access Control High
CVE-2022-38817 was published for github.com/dapr/dashboard (Go) Oct 4, 2022
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated... High Unreviewed
CVE-2022-36604 was published Sep 2, 2022
In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform... High Unreviewed
CVE-2022-36619 was published Sep 1, 2022
Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add... High Unreviewed
CVE-2022-36521 was published Aug 27, 2022
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an... High Unreviewed
CVE-2022-37062 was published Aug 19, 2022
Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a... High Unreviewed
CVE-2022-30313 was published Jul 29, 2022
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication.... High Unreviewed
CVE-2022-29957 was published Jul 27, 2022
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement.... High Unreviewed
CVE-2022-30276 was published Jul 27, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-35871 was published Jul 26, 2022
The affected product is vulnerable due to missing authentication, which may allow an attacker to... High Unreviewed
CVE-2022-2138 was published Jul 23, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read... High Unreviewed
CVE-2022-28809 was published Jul 18, 2022
Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization. High
CVE-2021-34538 was published for org.apache.hive:hive (Maven) Jul 17, 2022
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ... High Unreviewed
CVE-2022-33138 was published Jul 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database