GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
314 advisories
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does...
Critical | Unreviewed | CVE-2021-31337 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are...
Critical | Unreviewed | CVE-2021-33221 was published May 24, 2022

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or...
Critical | Unreviewed | CVE-2021-36124 was published May 24, 2022

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote...
Critical | Unreviewed | CVE-2022-28719 was published Apr 29, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 (...
Critical | Unreviewed | CVE-2021-22772 was published May 24, 2022

The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user...
Critical | Unreviewed | CVE-2021-37843 was published May 24, 2022

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring...
Critical | Unreviewed | CVE-2020-25563 was published May 24, 2022

The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as...
Critical | Unreviewed | CVE-2022-2242 was published Aug 11, 2022

A CWE-284: Improper Access Control vulnerability exists in Easergy T300 (with firmware 2.7 and...
Critical | Unreviewed | CVE-2020-7561 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to...
Critical | Unreviewed | CVE-2021-22850 was published May 24, 2022

A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth...
Critical | Unreviewed | CVE-2021-34621 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to ...
Critical | Unreviewed | CVE-2021-28913 was published May 24, 2022

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the...
Critical | Unreviewed | CVE-2021-38412 was published May 24, 2022

The manage users profile services of the network camera device allows an authenticated. Remote...
Critical | Unreviewed | CVE-2021-30167 was published May 24, 2022

The server permits communication without any authentication procedure, allowing the attacker to...
Critical | Unreviewed | CVE-2021-38457 was published May 24, 2022

Missing authentication for critical function vulnerability in iSCSI management functionality in...
Critical | Unreviewed | CVE-2022-27623 was published Oct 25, 2022

A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and...
Critical | Unreviewed | CVE-2022-3674 was published Oct 26, 2022

The affected product’s configuration is vulnerable due to missing authentication, which may allow...
Critical | Unreviewed | CVE-2021-32930 was published May 24, 2022

An improper authentication vulnerability exists in the REST API functionality of Open Automation...
Critical | Unreviewed | CVE-2022-26833 was published May 26, 2022

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open...
Critical | Unreviewed | CVE-2022-26082 was published May 26, 2022

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable...
Critical | Unreviewed | CVE-2022-1368 was published Sep 7, 2022

The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and...
Critical | Unreviewed | CVE-2022-40202 was published Nov 1, 2022

Missing authentication for critical function vulnerability in UNIMO Technology digital video...
Critical | Unreviewed | CVE-2022-35733 was published Aug 24, 2022

VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A...
Critical | Unreviewed | CVE-2022-31685 was published Nov 10, 2022

Registers used to store Modbus values can be read and written from the web interface without...
Critical | Unreviewed | CVE-2019-6533 was published May 13, 2022