GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,423 advisories
There are insufficient warnings when a Fixlet is imported by a user. The warning message...
Moderate · Unreviewed · CVE-2022-42453 was published Dec 19, 2022
A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate...
High · Unreviewed · CVE-2022-3875 was published Dec 19, 2022
VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability....
Moderate · Unreviewed · CVE-2022-31701 was published Dec 14, 2022
Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS...
Critical · Unreviewed · CVE-2022-2757 was published Dec 14, 2022
Denial of service in Modem module due to improper authorization while error handling in...
High · Unreviewed · CVE-2022-25685 was published Dec 13, 2022
Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web...
Moderate · Unreviewed · CVE-2022-41263 was published Dec 13, 2022
A potential security vulnerability has been identified in Hewlett Packard Enterprise...
Critical · Unreviewed · CVE-2022-37932 was published Dec 12, 2022
Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western...
Moderate · Unreviewed · CVE-2022-29838 was published Dec 9, 2022
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as...
High · Unreviewed · CVE-2022-2752 was published Dec 9, 2022
OpenHarmony-v3.1.4 and prior versions had a vulnerability. PIN code is transmitted to the peer...
Moderate · Unreviewed · CVE-2022-45877 was published Dec 8, 2022
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker...
Moderate · Unreviewed · CVE-2022-39901 was published Dec 8, 2022
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022...
Moderate · Unreviewed · CVE-2022-39899 was published Dec 8, 2022
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the...
High · Unreviewed · CVE-2022-46829 was published Dec 8, 2022
Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent...
High · Unreviewed · CVE-2022-40966 was published Dec 7, 2022
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4...
Critical · Unreviewed · CVE-2022-42458 was published Dec 7, 2022
Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10...
High · Unreviewed · CVE-2022-44620 was published Dec 7, 2022
Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass...
Critical · Unreviewed · CVE-2022-43549 was published Dec 6, 2022
MegaRAC Default Credentials Vulnerability
Critical · Unreviewed · CVE-2022-40242 was published Dec 6, 2022
AMI MegaRAC Redfish Arbitrary Code Execution
Critical · Unreviewed · CVE-2022-40259 was published Dec 6, 2022
An access control issue in MobaXterm before v22.1 allows attackers to make connections to the...
High · Unreviewed · CVE-2022-38336 was published Dec 6, 2022
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote...
Moderate · Unreviewed · CVE-2022-43504 was published Dec 5, 2022
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through...
High · Unreviewed · CVE-2022-46411 was published Dec 4, 2022
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than...
Moderate · Unreviewed · CVE-2022-43900 was published Dec 1, 2022
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a...
High · Unreviewed · CVE-2022-36960 was published Nov 29, 2022
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4...
High · Unreviewed · CVE-2022-44037 was published Nov 29, 2022
ProTip! Advisories are also available from the GraphQL API.