GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
789 advisories
Filter by severity
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and...
Critical
Unreviewed
CVE-2021-44077
was published
Nov 30, 2021
The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be...
Critical
Unreviewed
CVE-2021-43931
was published
Dec 7, 2021
It was possible to bypass 2FA for LDAP users and access some specific pages with Basic...
Critical
Unreviewed
CVE-2021-39890
was published
Dec 7, 2021
Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable...
Critical
Unreviewed
CVE-2021-41716
was published
Dec 8, 2021
ManageEngine's OpUtils 12.5.556 and prior allow access to a few audit directories without...
Critical
Unreviewed
CVE-2021-44514
was published
Dec 10, 2021
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code...
Critical
Unreviewed
CVE-2021-44515
was published
Dec 13, 2021
An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not...
Critical
Unreviewed
CVE-2021-44152
was published
Dec 14, 2021
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as...
Critical
Unreviewed
CVE-2021-4073
was published
Dec 15, 2021
glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.
Critical
Unreviewed
CVE-2021-44949
was published
Dec 15, 2021
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated...
Critical
Unreviewed
CVE-2021-44524
was published
Dec 15, 2021
The impacted products, when configured to use SSO, are affected by an improper authentication...
Critical
Unreviewed
CVE-2021-43935
was published
Dec 16, 2021
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass...
Critical
Unreviewed
CVE-2021-22057
was published
Dec 21, 2021
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated...
Critical
Unreviewed
CVE-2021-44675
was published
Dec 21, 2021
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible...
Critical
Unreviewed
CVE-2021-27451
was published
Dec 22, 2021
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality...
Critical
Unreviewed
CVE-2021-21952
was published
Dec 23, 2021
Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin...
Critical
Unreviewed
CVE-2021-44526
was published
Dec 24, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08...
Critical
Unreviewed
CVE-2021-45511
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical
Unreviewed
CVE-2021-45509
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical
Unreviewed
CVE-2021-45508
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical
Unreviewed
CVE-2021-45507
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical
Unreviewed
CVE-2021-45504
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0...
Critical
Unreviewed
CVE-2021-45501
was published
Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
Critical
Unreviewed
CVE-2021-45497
was published
Dec 27, 2021
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass.
Critical
Unreviewed
CVE-2021-45498
was published
Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass.
Critical
Unreviewed
CVE-2021-45495
was published
Dec 27, 2021
ProTip!
Advisories are also available from the
GraphQL API