GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,164 advisories
Some Dahua software products have a vulnerability of unauthenticated search for devices. After...
Moderate | Unreviewed | CVE-2022-45432 was published Dec 27, 2022

Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote...
Low | Unreviewed | CVE-2022-45433 was published Dec 27, 2022

An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can make various...
Critical | Unreviewed | CVE-2022-44013 was published Dec 25, 2022

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where...
Moderate | Unreviewed | CVE-2022-3188 was published Dec 22, 2022

Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13...
Critical | Unreviewed | CVE-2022-47377 was published Dec 21, 2022

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability....
Moderate | Unreviewed | CVE-2022-31701 was published Dec 14, 2022

An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4...
High | Unreviewed | CVE-2022-45498 was published Dec 8, 2022

An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0...
High | Unreviewed | CVE-2022-45504 was published Dec 8, 2022

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version 1.7.4...
Critical | Unreviewed | CVE-2022-42458 was published Dec 7, 2022

The default configuration of Lazy Mouse does not require a password, allowing remote...
Critical | Unreviewed | CVE-2022-45481 was published Dec 5, 2022

PC Keyboard allows remote unauthenticated users to send instructions to the server to execute...
Critical | Unreviewed | CVE-2022-45479 was published Dec 5, 2022

Telepad allows remote unauthenticated users to send instructions to the server to execute...
Critical | Unreviewed | CVE-2022-45477 was published Dec 5, 2022

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through...
Critical | Unreviewed | CVE-2022-46414 was published Dec 4, 2022

A vulnerability classified as problematic has been found in SourceCodester Book Store Management...
High | Unreviewed | CVE-2022-4228 was published Nov 30, 2022

A vulnerability classified as critical was found in SourceCodester Book Store Management System 1...
Critical | Unreviewed | CVE-2022-4229 was published Nov 30, 2022

The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication...
High | Unreviewed | CVE-2022-24190 was published Nov 29, 2022

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229...
High | Unreviewed | CVE-2022-44784 was published Nov 22, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the...
Critical | Unreviewed | CVE-2022-44001 was published Nov 18, 2022

BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without...
High | Unreviewed | CVE-2022-42982 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management...
Critical | Unreviewed | CVE-2022-43999 was published Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal...
Critical | Unreviewed | CVE-2022-44000 was published Nov 17, 2022

Multiple W&T products of the ComServer Series are prone to an authentication bypass. An...
Critical | Unreviewed | CVE-2022-42785 was published Nov 16, 2022

VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A...
Critical | Unreviewed | CVE-2022-31685 was published Nov 10, 2022

The memory management module has the logic bypass vulnerability. Successful exploitation of this...
High | Unreviewed | CVE-2021-46852 was published Nov 10, 2022

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an...
Moderate | Unreviewed | CVE-2022-30515 was published Nov 9, 2022
ProTip! Advisories are also available from the GraphQL API.