GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,424 advisories

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. LAN attackers can...
Moderate | Unreviewed | CVE-2022-38081 was published Sep 10, 2022

OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can...
High | Unreviewed | CVE-2022-38700 was published Sep 10, 2022

A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business...
Critical | Unreviewed | CVE-2022-20923 was published Sep 9, 2022

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy...
Moderate | Unreviewed | CVE-2022-27969 was published Sep 9, 2022

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded...
Moderate | Unreviewed | CVE-2022-27967 was published Sep 9, 2022

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored...
Moderate | Unreviewed | CVE-2022-27968 was published Sep 9, 2022

Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20.
High | Unreviewed | CVE-2022-3152 was published Sep 8, 2022

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access...
Moderate | Unreviewed | CVE-2022-23691 was published Sep 7, 2022

Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated...
High | Unreviewed | CVE-2022-26858 was published Sep 7, 2022

The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which...
High | Unreviewed | CVE-2022-2083 was published Sep 6, 2022

Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass...
Critical | Unreviewed | CVE-2022-34372 was published Sep 2, 2022

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate...
High | Unreviewed | CVE-2022-34380 was published Sep 2, 2022

Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A...
Critical | Unreviewed | CVE-2022-34379 was published Sep 2, 2022

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service...
High | Unreviewed | CVE-2022-2031 was published Aug 26, 2022

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the...
Moderate | Unreviewed | CVE-2021-3979 was published Aug 26, 2022

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few...
Moderate | Unreviewed | CVE-2021-4142 was published Aug 25, 2022

The file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check...
Critical | Unreviewed | CVE-2022-34919 was published Aug 24, 2022

Broken Authentication vulnerability in yotuwp Video Gallery plugin <= 1.3.4.5 at WordPress.
Critical | Unreviewed | CVE-2022-35726 was published Aug 24, 2022

The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before...
Moderate | Unreviewed | CVE-2022-2552 was published Aug 23, 2022

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at...
Critical | Unreviewed | CVE-2022-34858 was published Aug 23, 2022

Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.
Critical | Unreviewed | CVE-2022-34149 was published Aug 23, 2022

An improper password check exists in the login functionality of WWBN AVideo 11.6 and dev master...
High | Unreviewed | CVE-2022-32282 was published Aug 23, 2022

Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure...
High | Unreviewed | CVE-2022-35167 was published Aug 20, 2022

Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6...
Critical | Unreviewed | CVE-2022-22730 was published Aug 19, 2022

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the...
Critical | Unreviewed | CVE-2022-2336 was published Aug 18, 2022

ProTip! Advisories are also available from the GraphQL API