GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,795 advisories
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x...
High | Unreviewed | CVE-2011-0383 was published May 17, 2022

The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1...
High | Unreviewed | CVE-2011-0384 was published May 17, 2022

VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before...
Moderate | Unreviewed | CVE-2011-0527 was published May 17, 2022

The server components in Objectivity/DB 10.0 do not require authentication for administrative...
High | Unreviewed | CVE-2011-0489 was published May 17, 2022

Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition ...
High | Unreviewed | CVE-2011-0688 was published May 17, 2022

Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x and 11.x component used...
High | Unreviewed | CVE-2022-26504 was published Mar 18, 2022

Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt...
Moderate | Unreviewed | CVE-2011-0718 was published May 17, 2022

In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid"...
Critical | Unreviewed | CVE-2021-45786 was published Mar 17, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates...
High | Unreviewed | CVE-2021-41848 was published Mar 13, 2022

** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key...
Low | Unreviewed | CVE-2021-36368 was published Mar 14, 2022

Sudden swap of user auth tokens in Volto
Moderate | CVE-2022-24740 was published for @plone/volto (npm) Mar 14, 2022

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate...
High | Unreviewed | CVE-2022-22729 was published Mar 12, 2022

TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method...
High | Unreviewed | CVE-2021-44032 was published Mar 11, 2022

otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated...
High | Unreviewed | CVE-2021-40376 was published Mar 11, 2022

Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local...
High | Unreviewed | CVE-2022-24286 was published Mar 11, 2022

Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability....
High | Unreviewed | CVE-2022-24285 was published Mar 11, 2022

YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user...
Critical | Unreviewed | CVE-2022-23383 was published Mar 11, 2022

IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the...
Moderate | Unreviewed | CVE-2021-29779 was published Dec 2, 2021

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and...
High | Unreviewed | CVE-2021-20861 was published Dec 2, 2021

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early...
Critical | Unreviewed | CVE-2021-45079 was published Feb 8, 2022

omniauth-facebook Improper Authentication vulnerability
High | CVE-2013-4593 was published for omniauth-facebook (RubyGems) May 5, 2022

Rancher generated tokens not revoked after modifications made to authentication provider
High | GHSA-c45c-39f6-6gw9 was published for github.com/rancher/rancher (Go) Jan 25, 2023

Ruby-SAML Improper Authentication vulnerability
High | CVE-2017-11428 was published for ruby-saml (RubyGems) Jul 5, 2019

phpMyFAQ Improper Authentication vulnerability
Critical | CVE-2023-0311 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023

xml-crypto's HMAC-SHA1 signatures can bypass validation via key confusion
High | GHSA-c27r-x354-4m68 was published for xml-crypto (npm) Oct 27, 2020