GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,328
Maven
5,000+
npm
3,965
NuGet
712
pip
3,745
Pub
12
RubyGems
921
Rust
974
Swift
38
Unreviewed advisories
All unreviewed
5,000+
3,804 advisories
Filter by severity
Some Dahua products have access control vulnerability in the password reset process. Attackers...
Critical
Unreviewed
CVE-2021-33046
was published
Jan 14, 2022
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web...
Critical
Unreviewed
CVE-2022-23178
was published
Jan 16, 2022
The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue,...
High
Unreviewed
CVE-2021-25036
was published
Jan 18, 2022
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers...
High
Unreviewed
CVE-2021-38696
was published
Jan 19, 2022
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable...
Critical
Unreviewed
CVE-2021-22566
was published
Jan 19, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9...
Critical
Unreviewed
CVE-2021-44757
was published
Jan 19, 2022
Improper Access Control in Onionshare
Moderate
CVE-2022-21695
was published
for
onionshare-cli
(pip)
Jan 21, 2022
Improper Access Control in Onionshare
Moderate
CVE-2022-21692
was published
for
onionshare-cli
(pip)
Jan 21, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to...
Critical
Unreviewed
CVE-2021-43355
was published
Jan 22, 2022
Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without...
Moderate
Unreviewed
CVE-2021-33843
was published
Jan 22, 2022
The web application on Agilia Link+ version 3.0 implements authentication and session management...
Critical
Unreviewed
CVE-2021-23196
was published
Jan 22, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security...
Critical
Unreviewed
CVE-2020-4879
was published
Jan 22, 2022
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute...
High
Unreviewed
CVE-2022-23220
was published
Jan 22, 2022
Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an...
Critical
Unreviewed
CVE-2021-43394
was published
Jan 25, 2022
TeslaMate before 1.25.1 (when using the default Docker configuration) allows attackers to open...
Critical
Unreviewed
CVE-2022-23126
was published
Jan 25, 2022
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication...
Critical
Unreviewed
CVE-2022-23855
was published
Jan 25, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-34865
was published
Jan 26, 2022
Authentication Bypass in ADOdb/ADOdb
Critical
CVE-2021-3850
was published
for
adodb/adodb-php
(Composer)
Jan 27, 2022
Improper Authentication in phpmyadmin
Moderate
CVE-2022-23807
was published
for
phpmyadmin/phpmyadmin
(Composer)
Jan 28, 2022
An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink...
Critical
Unreviewed
CVE-2021-40404
was published
Jan 29, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05...
Critical
Unreviewed
CVE-2021-44971
was published
Jan 29, 2022
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication...
High
Unreviewed
CVE-2021-45735
was published
Feb 5, 2022
Limited ability to spoof SAML authentication with missing audience verification in Fleet
Moderate
CVE-2022-23600
was published
for
github.com/fleetdm/fleet/v4
(Go)
Feb 7, 2022
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a...
Critical
Unreviewed
CVE-2022-22831
was published
Feb 8, 2022
ProTip!
Advisories are also available from the
GraphQL API