GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,498

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Filter by severity

Sort by

Least recently updated

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Critical Unreviewed

CVE-2022-25251 was published Mar 17, 2022

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an... Critical Unreviewed

CVE-2022-25247 was published Mar 17, 2022

A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... Critical Unreviewed

CVE-2021-44259 was published Mar 18, 2022

In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without... Critical Unreviewed

CVE-2021-46009 was published Apr 1, 2022

AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for... Critical Unreviewed

CVE-2021-33008 was published Apr 5, 2022

An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip... Critical Unreviewed

CVE-2021-28506 was published Jan 15, 2022

The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not... Critical Unreviewed

CVE-2022-28660 was published May 21, 2022

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication... Critical Unreviewed

CVE-2020-25218 was published May 24, 2022

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5... Critical Unreviewed

CVE-2020-36239 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Critical Unreviewed

CVE-2022-30230 was published Jun 15, 2022

Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD)... Critical Unreviewed

CVE-2017-4052 was published May 17, 2022

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,... Critical Unreviewed

CVE-2017-10804 was published May 17, 2022

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The... Critical Unreviewed

CVE-2021-44222 was published Jul 13, 2022

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary... Critical Unreviewed

CVE-2016-5053 was published May 17, 2022

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0... Critical Unreviewed

CVE-2016-8355 was published May 17, 2022

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker... Critical Unreviewed

CVE-2022-20858 was published Jul 22, 2022

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of... Critical Unreviewed

CVE-2017-5162 was published May 17, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing... Critical Unreviewed

CVE-2022-22526 was published Sep 29, 2022

Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It... Critical Unreviewed

CVE-2022-29952 was published Jul 27, 2022

Multiple W&T products of the ComServer Series are prone to an authentication bypass. An... Critical Unreviewed

CVE-2022-42785 was published Nov 16, 2022

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580,... Critical Unreviewed

CVE-2019-6808 was published May 24, 2022

The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO... Critical Unreviewed

CVE-2019-8993 was published May 24, 2022

An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ... Critical Unreviewed

CVE-2019-12288 was published May 24, 2022

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4... Critical Unreviewed

CVE-2022-42458 was published Dec 7, 2022

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

299 advisories