GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

223 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13,... Moderate Unreviewed

CVE-2021-44261 was published Mar 18, 2022

In setPackageStoppedState of PackageManagerService.java, there is a missing permission check.... Moderate Unreviewed

CVE-2021-1011 was published Dec 16, 2021

In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not... Moderate Unreviewed

CVE-2021-46006 was published Apr 1, 2022

Sensitive information can be obtained through the handling of serialized data. The issue results... Moderate Unreviewed

CVE-2020-14479 was published Apr 3, 2022

The software does not perform any authentication for critical system functionality. Moderate Unreviewed

CVE-2022-0922 was published Apr 3, 2022

Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging.... Moderate Unreviewed

CVE-2022-0878 was published Apr 13, 2022

A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials.... Moderate Unreviewed

CVE-2020-25634 was published May 24, 2022

The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This... Moderate Unreviewed

CVE-2022-26394 was published Sep 10, 2022

Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key... Moderate Unreviewed

CVE-2020-11946 was published May 24, 2022

An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php ... Moderate Unreviewed

CVE-2020-11579 was published May 24, 2022

An exploitable improper access control vulnerability exists in the bluetooth low energy... Moderate Unreviewed

CVE-2019-5014 was published May 24, 2022

The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY... Moderate Unreviewed

CVE-2022-22309 was published May 25, 2022

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4... Moderate Unreviewed

CVE-2021-24219 was published May 24, 2022

HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR... Moderate Unreviewed

CVE-2021-27668 was published May 24, 2022

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and... Moderate Unreviewed

CVE-2022-20830 was published Oct 11, 2022

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one... Moderate Unreviewed

CVE-2022-3738 was published Jan 19, 2023

Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS... Moderate Unreviewed

CVE-2021-36200 was published Jul 23, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14... Moderate Unreviewed

CVE-2020-7479 was published May 24, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... Moderate Unreviewed

CVE-2022-29881 was published May 21, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... Moderate Unreviewed

CVE-2022-29877 was published May 21, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... Moderate Unreviewed

CVE-2022-29879 was published May 21, 2022

Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has... Moderate Unreviewed

CVE-2019-8292 was published May 24, 2022

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where... Moderate Unreviewed

CVE-2022-3188 was published Dec 22, 2022

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the... Moderate Unreviewed

CVE-2019-5451 was published May 24, 2022

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can... Moderate Unreviewed

CVE-2019-17353 was published May 24, 2022

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

223 advisories