Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,256 advisories

Loading
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which... High Unreviewed
CVE-2007-2586 was published May 1, 2022
Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying... High Unreviewed
CVE-2006-6679 was published May 1, 2022
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world... Moderate Unreviewed
CVE-2005-2136 was published May 1, 2022
The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before... Critical Unreviewed
CVE-2022-29906 was published Apr 30, 2022
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A... High Unreviewed
CVE-2021-44595 was published Apr 30, 2022
USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an... High Unreviewed
CVE-2022-29935 was published Apr 30, 2022
Lexmark products through 2022-02-10 have Incorrect Access Control. High Unreviewed
CVE-2022-24935 was published Apr 29, 2022
Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360... Critical Unreviewed
CVE-2022-29081 was published Apr 29, 2022
In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot... Moderate Unreviewed
CVE-2022-23822 was published Apr 28, 2022
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which... Moderate Unreviewed
CVE-2012-6094 was published Apr 23, 2022
Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some... Moderate Unreviewed
CVE-2011-3617 was published Apr 22, 2022
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the... High Unreviewed
CVE-2011-2726 was published Apr 22, 2022
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow... Critical Unreviewed
CVE-2010-1435 was published Apr 21, 2022
IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read... Critical Unreviewed
CVE-2010-2548 was published Apr 21, 2022
asterisk allows calls on prohibited networks High Unreviewed
CVE-2009-3723 was published Apr 21, 2022
An issue was discovered on Kyocera d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application... High Unreviewed
CVE-2022-25342 was published Apr 21, 2022
** DISPUTED ** ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content... High Unreviewed
CVE-2022-27055 was published Apr 20, 2022
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with... Moderate Unreviewed
CVE-2020-25167 was published Apr 19, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2022-22190 was published Apr 15, 2022
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is... High Unreviewed
CVE-2021-28505 was published Apr 15, 2022
Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and... Moderate Unreviewed
CVE-2020-25160 was published Apr 15, 2022
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a... High Unreviewed
CVE-2021-0694 was published Apr 13, 2022
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ... Moderate Unreviewed
CVE-2021-28544 was published Apr 13, 2022
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper... High Unreviewed
CVE-2022-0920 was published Apr 12, 2022
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS... High Unreviewed
CVE-2021-37292 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database