Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,343
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,811 advisories

Loading
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired... High Unreviewed
CVE-2022-1049 was published Mar 26, 2022
An improper authentication vulnerability leading to information leakage was discovered in iptime... High Unreviewed
CVE-2021-26620 was published Mar 26, 2022
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker... Critical Unreviewed
CVE-2022-1040 was published Mar 26, 2022
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4,... Moderate Unreviewed
CVE-2021-4191 was published Mar 29, 2022
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and... Low Unreviewed
CVE-2018-25030 was published Mar 29, 2022
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware... Critical Unreviewed
CVE-2022-0342 was published Mar 29, 2022
Incorrect Access Control in ImpressCMS Moderate
CVE-2021-26598 was published for impresscms/impresscms (Composer) Mar 29, 2022
SaltStack Salt Improper Authentication via Man in the Middle Attack Low
CVE-2022-22935 was published for salt (pip) Mar 30, 2022
A vulnerability classified as critical was found in SourceCodester One Church Management System 1... Critical Unreviewed
CVE-2022-1084 was published Mar 30, 2022
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker... Critical Unreviewed
CVE-2019-9564 was published Mar 31, 2022
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not... Critical Unreviewed
CVE-2022-23795 was published Mar 31, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2022-25915 was published Apr 1, 2022
Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the... Moderate Unreviewed
CVE-2021-45900 was published Apr 1, 2022
Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A... Moderate Unreviewed
CVE-2022-23156 was published Apr 2, 2022
An issue in provider/libserver/ECKrbAuth.cpp of Kopano-Core v11.0.2.51 contains an issue which... Critical Unreviewed
CVE-2022-26562 was published Apr 2, 2022
Improper cleaning of secure memory between authenticated users can lead to face authentication... High Unreviewed
CVE-2021-1950 was published Apr 2, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):... High Unreviewed
CVE-2022-23699 was published Apr 5, 2022
Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11... Moderate Unreviewed
CVE-2022-1148 was published Apr 5, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect... Critical Unreviewed
CVE-2021-32980 was published Apr 5, 2022
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is... Critical Unreviewed
CVE-2021-32986 was published Apr 5, 2022
All programming connections receive the same unlocked privileges, which can result in a privilege... Critical Unreviewed
CVE-2021-32984 was published Apr 5, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,... High Unreviewed
CVE-2021-43483 was published Apr 9, 2022
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1... Moderate Unreviewed
CVE-2022-27839 was published Apr 12, 2022
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical... Moderate Unreviewed
CVE-2022-25831 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database