GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
1,247 advisories

An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4...
High | Unreviewed | CVE-2022-45498 was published Dec 8, 2022

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability....
Moderate | Unreviewed | CVE-2022-31701 was published Dec 14, 2022

Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13...
Critical | Unreviewed | CVE-2022-47377 was published Dec 21, 2022

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where...
Moderate | Unreviewed | CVE-2022-3188 was published Dec 22, 2022

An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can make various...
Critical | Unreviewed | CVE-2022-44013 was published Dec 25, 2022

Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote...
Low | Unreviewed | CVE-2022-45433 was published Dec 27, 2022

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials....
High | Unreviewed | CVE-2022-45423 was published Dec 27, 2022

Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key....
Moderate | Unreviewed | CVE-2022-45424 was published Dec 27, 2022

Some Dahua software products have a vulnerability of unauthenticated search for devices. After...
Moderate | Unreviewed | CVE-2022-45432 was published Dec 27, 2022

An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private...
High | Unreviewed | CVE-2022-46463 was published Jan 13, 2023

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with...
High | Unreviewed | CVE-2022-42276 was published Jan 13, 2023

NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with...
High | Unreviewed | CVE-2022-42277 was published Jan 13, 2023

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing...
High | Unreviewed | CVE-2022-42275 was published Jan 13, 2023

An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3...
Critical | Unreviewed | CVE-2022-43976 was published Jan 17, 2023

Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger...
High | Unreviewed | CVE-2023-21856 was published Jan 18, 2023

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High | Unreviewed | CVE-2023-21837 was published Jan 18, 2023

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High | Unreviewed | CVE-2023-21839 was published Jan 18, 2023

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
High | Unreviewed | CVE-2023-21842 was published Jan 18, 2023

Even if the authentication fails for local service authentication, the requested command could...
Critical | Unreviewed | CVE-2022-46732 was published Jan 18, 2023

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one...
Moderate | Unreviewed | CVE-2022-3738 was published Jan 19, 2023

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An...
High | Unreviewed | CVE-2021-43447 was published Jan 23, 2023

An access control issue on TP-Link Tapo C200 V1 devices allows physically proximate attackers to...
Moderate | Unreviewed | CVE-2022-41505 was published Jan 23, 2023

The force offline MFA prompt setting is not respected when switching to offline mode in...
Low | Unreviewed | CVE-2023-0463 was published Jan 26, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause...
Critical | Unreviewed | CVE-2022-32528 was published Jan 31, 2023

A CWE-306: Missing Authentication for Critical Function The software does not perform any...
Critical | Unreviewed | CVE-2022-42970 was published Feb 1, 2023

ProTip! Advisories are also available from the GraphQL API.