GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,851
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,494
Maven 5,932
npm 4,129
NuGet 735
pip 3,944
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,457

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,421 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A denial of service vulnerability exists in the SeaMax remote configuration functionality of... High Unreviewed

CVE-2021-21965 was published Feb 10, 2022

The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user... Critical Unreviewed

CVE-2021-28503 was published Feb 10, 2022

Microsoft SharePoint Server Security Feature BypassVulnerability. Moderate Unreviewed

CVE-2022-21968 was published Feb 10, 2022

After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed

CVE-2022-23134 was published Feb 9, 2022

Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows... Critical Unreviewed

CVE-2021-29396 was published Feb 9, 2022

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early... Critical Unreviewed

CVE-2021-45079 was published Feb 8, 2022

An authenticated and authorized agent user could potentially gain administrative access via an... High Unreviewed

CVE-2022-0366 was published Feb 8, 2022

An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a... Critical Unreviewed

CVE-2022-22831 was published Feb 8, 2022

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication... High Unreviewed

CVE-2021-45735 was published Feb 5, 2022

Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05... Critical Unreviewed

CVE-2021-44971 was published Jan 29, 2022

Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that... Moderate Unreviewed

CVE-2021-40338 was published Jan 29, 2022

An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink... Critical Unreviewed

CVE-2021-40404 was published Jan 29, 2022

This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed

CVE-2021-34865 was published Jan 26, 2022

An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication... Critical Unreviewed

CVE-2022-23855 was published Jan 25, 2022

TeslaMate before 1.25.1 (when using the default Docker configuration) allows attackers to open... Critical Unreviewed

CVE-2022-23126 was published Jan 25, 2022

Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an... Critical Unreviewed

CVE-2021-43394 was published Jan 25, 2022

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute... High Unreviewed

CVE-2022-23220 was published Jan 22, 2022

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security... Critical Unreviewed

CVE-2020-4879 was published Jan 22, 2022

The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed

CVE-2021-23196 was published Jan 22, 2022

Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without... Moderate Unreviewed

CVE-2021-33843 was published Jan 22, 2022

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to... Critical Unreviewed

CVE-2021-43355 was published Jan 22, 2022

Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9... Critical Unreviewed

CVE-2021-44757 was published Jan 19, 2022

An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable... Critical Unreviewed

CVE-2021-22566 was published Jan 19, 2022

SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers... High Unreviewed

CVE-2021-38696 was published Jan 19, 2022

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue,... High Unreviewed

CVE-2021-25036 was published Jan 18, 2022

Previous 1…134…137 Next

Previous 1 2 … 132 133 134 135 136 137 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,421 advisories