GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
838 advisories
Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change...
High
Unreviewed
CVE-2016-4514
was published
May 13, 2022
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the...
High
Unreviewed
CVE-2019-3842
was published
May 13, 2022
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated...
High
Unreviewed
CVE-2013-6926
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in miner_setGasPrice API of cpp...
High
Unreviewed
CVE-2017-12116
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp...
High
Unreviewed
CVE-2017-12115
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum...
High
Unreviewed
CVE-2017-12113
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's...
High
Unreviewed
CVE-2017-12112
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's...
High
Unreviewed
CVE-2017-12117
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's...
High
Unreviewed
CVE-2017-12118
was published
May 13, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High
Unreviewed
CVE-2022-30594
was published
May 13, 2022
Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4...
High
Unreviewed
CVE-2021-26258
was published
May 13, 2022
ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder...
High
Unreviewed
CVE-2022-23139
was published
May 13, 2022
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22...
High
Unreviewed
CVE-2022-22798
was published
May 13, 2022
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality....
High
Unreviewed
CVE-2022-29855
was published
May 12, 2022
Windows Authentication Security Feature Bypass Vulnerability.
High
Unreviewed
CVE-2022-26913
was published
May 11, 2022
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE...
High
Unreviewed
CVE-2022-23705
was published
May 10, 2022
ReviewBoard: has an access-control problem in REST API
High
Unreviewed
CVE-2013-4410
was published
May 5, 2022
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted...
High
Unreviewed
CVE-2021-42192
was published
May 5, 2022
An incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a...
High
Unreviewed
CVE-2022-28067
was published
May 5, 2022
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may...
High
Unreviewed
CVE-2021-41020
was published
May 5, 2022
In H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization...
High
Unreviewed
CVE-2022-28940
was published
May 5, 2022
An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to...
High
Unreviewed
CVE-2022-23443
was published
May 5, 2022
Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE,...
High
Unreviewed
CVE-2008-3424
was published
May 2, 2022
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which...
High
Unreviewed
CVE-2007-2586
was published
May 1, 2022
Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying...
High
Unreviewed
CVE-2006-6679
was published
May 1, 2022