Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,164 advisories

Loading
** UNSUPPPORTED WHEN ASSIGNED **Broken Access Control in User Authentication in Avaya Scopia... Critical Unreviewed
CVE-2022-38168 was published Nov 4, 2022
Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this... Moderate Unreviewed
CVE-2022-3675 was published Nov 3, 2022
A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4... Moderate Unreviewed
CVE-2022-42473 was published Nov 2, 2022
Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0... Moderate Unreviewed
CVE-2022-3312 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version < 2.2.0... High Unreviewed
CVE-2022-43990 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 with... High Unreviewed
CVE-2022-43989 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an... Critical Unreviewed
CVE-2022-27584 was published Nov 2, 2022
Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber 1078787 allows an... Critical Unreviewed
CVE-2022-27582 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version < 2.0.0... Critical Unreviewed
CVE-2022-27586 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware... Critical Unreviewed
CVE-2022-27585 was published Nov 2, 2022
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for... High Unreviewed
CVE-2022-41644 was published Nov 1, 2022
The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and... Critical Unreviewed
CVE-2022-40202 was published Nov 1, 2022
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper... High Unreviewed
CVE-2022-41688 was published Nov 1, 2022
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated... High Unreviewed
CVE-2022-41776 was published Nov 1, 2022
A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and... Critical Unreviewed
CVE-2022-3674 was published Oct 26, 2022
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
Missing authentication for critical function vulnerability in iSCSI management functionality in... Critical Unreviewed
CVE-2022-27623 was published Oct 25, 2022
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin... High Unreviewed
CVE-2022-39412 was published Oct 19, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... High Unreviewed
CVE-2022-39425 was published Oct 19, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... High Unreviewed
CVE-2022-39426 was published Oct 19, 2022
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business... Critical Unreviewed
CVE-2022-21587 was published Oct 19, 2022
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system... High Unreviewed
CVE-2020-23648 was published Oct 19, 2022
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version... Critical Unreviewed
CVE-2022-40684 was published Oct 18, 2022
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. Moderate Unreviewed
CVE-2022-35136 was published Oct 14, 2022
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and... Moderate Unreviewed
CVE-2022-20830 was published Oct 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database