GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,423 advisories
IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key...
High, Unreviewed. CVE-2021-38878 was published Apr 28, 2022.

The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a...
Critical, Unreviewed. CVE-2012-10001 was published Apr 23, 2022.

The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers...
Critical, Unreviewed. CVE-2012-2714 was published Apr 23, 2022.

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the...
High, Unreviewed. CVE-2012-3462 was published Apr 23, 2022.

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan...
Critical, Unreviewed. CVE-2021-3849 was published Apr 23, 2022.

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan...
Critical, Unreviewed. CVE-2021-3897 was published Apr 23, 2022.

An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can...
High, Unreviewed. CVE-2022-29534 was published Apr 22, 2022.

A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete...
Moderate, Unreviewed. CVE-2020-14121 was published Apr 22, 2022.

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it...
Moderate, Unreviewed. CVE-2010-2496 was published Apr 21, 2022.

TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag...
High, Unreviewed. CVE-2002-2438 was published Apr 21, 2022.

A vulnerability within the authentication process of Abacus ERP allows a remote attacker to...
High, Unreviewed. CVE-2022-1065 was published Apr 20, 2022.

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical, Unreviewed. CVE-2022-0992 was published Apr 20, 2022.

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical, Unreviewed. CVE-2022-0993 was published Apr 20, 2022.

Real-time image information exposure is caused by insufficient authentication for activated RTSP...
High, Unreviewed. CVE-2021-26627 was published Apr 20, 2022.

A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either...
Critical, Unreviewed. CVE-2021-3652 was published Apr 19, 2022.

ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via ...
Critical, Unreviewed. CVE-2022-25226 was published Apr 19, 2022.

Improper authentication vulnerability in the communication protocol provided by AD (Automation...
Critical, Unreviewed. CVE-2022-26034 was published Apr 16, 2022.

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC)...
Critical, Unreviewed. CVE-2022-20695 was published Apr 16, 2022.

** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting...
Moderate, Unreviewed. CVE-2022-22279 was published Apr 14, 2022.

VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE...
Critical, Unreviewed. CVE-2022-22955 was published Apr 14, 2022.

VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE...
Critical, Unreviewed. CVE-2022-22956 was published Apr 14, 2022.

The device authentication service module has a defect vulnerability introduced in the design...
High, Unreviewed. CVE-2021-46740 was published Apr 12, 2022.

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings...
Critical, Unreviewed. CVE-2021-46742 was published Apr 12, 2022.

Navigating to a specific URL with a patient ID number will result in the server generating a PDF...
Moderate, Unreviewed. CVE-2022-1067 was published Apr 12, 2022.

Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical...
Moderate, Unreviewed. CVE-2022-25831 was published Apr 12, 2022.
ProTip! Advisories are also available from the GraphQL API.