Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
PC Keyboard allows remote unauthenticated users to send instructions to the server to execute... Critical Unreviewed
CVE-2022-45479 was published Dec 5, 2022
Telepad allows remote unauthenticated users to send instructions to the server to execute... Critical Unreviewed
CVE-2022-45477 was published Dec 5, 2022
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... Critical Unreviewed
CVE-2022-46414 was published Dec 4, 2022
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1... Critical Unreviewed
CVE-2022-4229 was published Nov 30, 2022
A vulnerability classified as problematic has been found in SourceCodester Book Store Management... High Unreviewed
CVE-2022-4228 was published Nov 30, 2022
The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication... High Unreviewed
CVE-2022-24190 was published Nov 29, 2022
KubeView vulnerable to full cluster takeover due to improper authentication Critical
CVE-2022-45933 was published for github.com/benc-uk/kubeview (Go) Nov 27, 2022
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229... High Unreviewed
CVE-2022-44784 was published Nov 22, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the... Critical Unreviewed
CVE-2022-44001 was published Nov 18, 2022
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without... High Unreviewed
CVE-2022-42982 was published Nov 17, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management... Critical Unreviewed
CVE-2022-43999 was published Nov 17, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal... Critical Unreviewed
CVE-2022-44000 was published Nov 17, 2022
Rdiffweb vulnerable to Missing Authentication for Critical Function Low
CVE-2022-4018 was published for rdiffweb (pip) Nov 16, 2022
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An... Critical Unreviewed
CVE-2022-42785 was published Nov 16, 2022
Apache SOAP contains unauthenticated RPCRouterServlet Critical
CVE-2022-45378 was published for soap:soap (Maven) Nov 14, 2022
VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A... Critical Unreviewed
CVE-2022-31685 was published Nov 10, 2022
The memory management module has the logic bypass vulnerability. Successful exploitation of this... High Unreviewed
CVE-2021-46852 was published Nov 10, 2022
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an... Moderate Unreviewed
CVE-2022-30515 was published Nov 9, 2022
** UNSUPPPORTED WHEN ASSIGNED **Broken Access Control in User Authentication in Avaya Scopia... Critical Unreviewed
CVE-2022-38168 was published Nov 4, 2022
Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this... Moderate Unreviewed
CVE-2022-3675 was published Nov 3, 2022
A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4... Moderate Unreviewed
CVE-2022-42473 was published Nov 2, 2022
Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0... Moderate Unreviewed
CVE-2022-3312 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version < 2.2.0... High Unreviewed
CVE-2022-43990 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 with... High Unreviewed
CVE-2022-43989 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an... Critical Unreviewed
CVE-2022-27584 was published Nov 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database