GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,882
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,938
npm 4,145
NuGet 735
pip 3,947
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,470

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,247 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to... High Unreviewed

CVE-2021-33882 was published May 24, 2022

HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR... Moderate Unreviewed

CVE-2021-27668 was published May 24, 2022

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that... Critical Unreviewed

CVE-2021-37415 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to ... Critical Unreviewed

CVE-2021-28913 was published May 24, 2022

Missing Authentication for Critical Function in Apache Airflow Critical

CVE-2021-38540 was published for apache-airflow (pip) May 24, 2022

A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing... Moderate Unreviewed

CVE-2019-10941 was published May 24, 2022

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the... Critical Unreviewed

CVE-2021-38412 was published May 24, 2022

On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations... High Unreviewed

CVE-2021-3825 was published May 24, 2022

Information disclosure: The main configuration, including users and their hashed passwords, is... High Unreviewed

CVE-2021-23858 was published May 24, 2022

Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker... Moderate Unreviewed

CVE-2021-39879 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the... High Unreviewed

CVE-2021-41975 was published May 24, 2022

Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers... Moderate Unreviewed

CVE-2021-41976 was published May 24, 2022

Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the... Moderate Unreviewed

CVE-2021-41568 was published May 24, 2022

An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to... High Unreviewed

CVE-2021-35979 was published May 24, 2022

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions),... High Unreviewed

CVE-2021-27395 was published May 24, 2022

The affected product is vulnerable to a missing permission validation on system backup restore,... High Unreviewed

CVE-2021-42539 was published May 24, 2022

The server permits communication without any authentication procedure, allowing the attacker to... Critical Unreviewed

CVE-2021-38457 was published May 24, 2022

Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access,... Moderate Unreviewed

CVE-2021-33259 was published May 24, 2022

The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote... Moderate Unreviewed

CVE-2019-8449 was published May 24, 2022

A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials.... Moderate Unreviewed

CVE-2020-25634 was published May 24, 2022

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to... Low Unreviewed

CVE-2021-32453 was published May 24, 2022

The manage users profile services of the network camera device allows an authenticated. Remote... Critical Unreviewed

CVE-2021-30167 was published May 24, 2022

** DISPUTED ** BIRD through 2.0.7 does not provide functionality for password authentication of... Moderate Unreviewed

CVE-2021-26928 was published May 24, 2022

The affected product’s configuration is vulnerable due to missing authentication, which may allow... Critical Unreviewed

CVE-2021-32930 was published May 24, 2022

Previous 1…19…50 Next

Previous 1 2 … 17 18 19 20 21 … 49 50 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,247 advisories