GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,934
Composer 4,780
Erlang 36
GitHub Actions 29
Go 2,344
Maven 5,665
npm 3,973
NuGet 719
pip 3,770
Pub 12
RubyGems 923
Rust 978
Swift 38

Unreviewed advisories

All unreviewed 260,058

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,812 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan... Critical Unreviewed

CVE-2021-3849 was published Apr 23, 2022

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the... High Unreviewed

CVE-2012-3462 was published Apr 23, 2022

The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers... Critical Unreviewed

CVE-2012-2714 was published Apr 23, 2022

The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a... Critical Unreviewed

CVE-2012-10001 was published Apr 23, 2022

ECP SAML binding bypasses authentication flows High

CVE-2021-3827 was published for org.keycloak:keycloak-saml-core (Maven) Apr 27, 2022

IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key... High Unreviewed

CVE-2021-38878 was published Apr 28, 2022

Keycloak is vulnerable to IDN homograph attack Moderate

CVE-2021-3424 was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022

Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and... High Unreviewed

CVE-2003-0216 was published Apr 29, 2022

Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door... High Unreviewed

CVE-2003-1343 was published Apr 29, 2022

login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1)... Moderate Unreviewed

CVE-2003-1434 was published Apr 29, 2022

The web administration page for the Ericsson HM220dp ADSL modem does not require authentication,... High Unreviewed

CVE-2003-1442 was published Apr 29, 2022

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows... Moderate Unreviewed

CVE-2003-1433 was published Apr 29, 2022

Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only... Moderate Unreviewed

CVE-2003-1475 was published Apr 29, 2022

upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the... Moderate Unreviewed

CVE-2003-1489 was published Apr 29, 2022

TikiWiki 1.6.1 allows remote attackers to bypass authentication by entering a valid username with... High Unreviewed

CVE-2003-1574 was published Apr 29, 2022

The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1... Low Unreviewed

CVE-2003-1570 was published Apr 29, 2022

The default installation of Cisco voice products, when running the IBM Director Agent on IBM... High Unreviewed

CVE-2004-1760 was published Apr 29, 2022

Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user... High Unreviewed

CVE-2004-2182 was published Apr 29, 2022

edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain... High Unreviewed

CVE-2004-2715 was published Apr 29, 2022

LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server... High Unreviewed

CVE-2004-2724 was published Apr 29, 2022

webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with... High Unreviewed

CVE-2004-2734 was published Apr 29, 2022

Polar HelpDesk 3.0 allows remote attackers to bypass authentication by setting the UserId and... Moderate Unreviewed

CVE-2004-2736 was published Apr 29, 2022

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector... High Unreviewed

CVE-2022-29934 was published Apr 30, 2022

Improper Authentication in moodle Moderate

CVE-2022-0985 was published for moodle/moodle (Composer) Apr 30, 2022

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank... High Unreviewed

CVE-1999-0366 was published Apr 30, 2022

Previous 1 2 … 12 13 14 15 16 … 152 153 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,812 advisories