GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,425 advisories
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Moderate | Unreviewed | CVE-2022-30229 was published Jun 15, 2022

Improper verification of timeout-based authentication in identity credential can lead to invalid...
High | Unreviewed | CVE-2021-35094 was published Jun 15, 2022

There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful...
High | Unreviewed | CVE-2022-22259 was published Jun 14, 2022

An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing...
High | Unreviewed | CVE-2022-32560 was published Jun 14, 2022

IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to...
Low | Unreviewed | CVE-2022-22426 was published Jun 11, 2022

A vulnerability, which was classified as critical, was found in Platinum Mobile 1.0.4.850....
Moderate | Unreviewed | CVE-2020-36528 was published Jun 8, 2022

A vulnerability was found in Klapp App and classified as problematic. This issue affects some...
Critical | Unreviewed | CVE-2020-36533 was published Jun 8, 2022

Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers...
High | Unreviewed | CVE-2022-30749 was published Jun 8, 2022

A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's...
High | Unreviewed | CVE-2021-35530 was published Jun 8, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
High | Unreviewed | CVE-2022-26975 was published Jun 3, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate | Unreviewed | CVE-2022-26971 was published Jun 3, 2022

An attacker with physical access to the victim's device can bypass the application's password/pin...
Moderate | Unreviewed | CVE-2022-1716 was published Jun 3, 2022

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments...
High | Unreviewed | CVE-2022-22557 was published Jun 3, 2022

Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism...
Moderate | Unreviewed | CVE-2022-31461 was published Jun 3, 2022

Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only...
High | Unreviewed | CVE-2022-31463 was published Jun 3, 2022

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over...
High | Unreviewed | CVE-2022-30238 was published Jun 3, 2022

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which...
High | Unreviewed | CVE-2022-22576 was published May 27, 2022

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass...
High | Unreviewed | CVE-2022-26865 was published May 27, 2022

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper...
Critical | Unreviewed | CVE-2022-24422 was published May 27, 2022

An authentication issue was addressed with improved state management. This issue is fixed in tvOS...
Moderate | Unreviewed | CVE-2022-26724 was published May 27, 2022

A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI...
Moderate | Unreviewed | CVE-2022-0910 was published May 25, 2022

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie...
Critical | Unreviewed | CVE-2021-45915 was published May 25, 2022

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST...
Critical | Unreviewed | CVE-2021-45914 was published May 25, 2022

A vulnerability has been found in Airfield Online and classified as problematic. This...
High | Unreviewed | CVE-2021-4230 was published May 25, 2022

An issue in H v1.0 allows attackers to bypass authentication via a session replay attack.
Critical | Unreviewed | CVE-2022-29334 was published May 25, 2022
ProTip! Advisories are also available from the GraphQL API.