GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,186 advisories
An authentication bypass vulnerability exists in the process_msg() function of the home_security...
High, Unreviewed, CVE-2021-21953 was published Dec 23, 2021

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary...
High, Unreviewed, CVE-2021-36350 was published Dec 22, 2021

Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible...
Critical, Unreviewed, CVE-2021-27451 was published Dec 22, 2021

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated...
Critical, Unreviewed, CVE-2021-44675 was published Dec 21, 2021

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass...
Critical, Unreviewed, CVE-2021-22057 was published Dec 21, 2021

TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in ...
High, Unreviewed, CVE-2021-40851 was published Dec 18, 2021

Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,...
High, Unreviewed, CVE-2021-40826 was published Dec 16, 2021

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass....
High, Unreviewed, CVE-2021-0649 was published Dec 16, 2021

The impacted products, when configured to use SSO, are affected by an improper authentication...
Critical, Unreviewed, CVE-2021-43935 was published Dec 16, 2021

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated...
Critical, Unreviewed, CVE-2021-44524 was published Dec 15, 2021

Sysaid API User Enumeration - Attacker sending requests to specific api path without any...
Moderate, Unreviewed, CVE-2021-36721 was published Dec 15, 2021

glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.
Critical, Unreviewed, CVE-2021-44949 was published Dec 15, 2021

The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as...
Critical, Unreviewed, CVE-2021-4073 was published Dec 15, 2021

In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for...
Moderate, Unreviewed, CVE-2021-44848 was published Dec 14, 2021

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the ...
High, Unreviewed, CVE-2021-40856 was published Dec 14, 2021

An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not...
Critical, Unreviewed, CVE-2021-44152 was published Dec 14, 2021

Lack of an access control check in the External Status Check feature allowed any authenticated...
Moderate, Unreviewed, CVE-2021-39916 was published Dec 14, 2021

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code...
Critical, Unreviewed, CVE-2021-44515 was published Dec 13, 2021

An improper authentication in Fortinet FortiAuthenticator version 6.4.0 allows user to bypass the...
High, Unreviewed, CVE-2021-43068 was published Dec 10, 2021

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers...
High, Unreviewed, CVE-2021-20145 was published Dec 10, 2021

An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of...
High, Unreviewed, CVE-2021-21955 was published Dec 10, 2021

ManageEngine's OpUtils 12.5.556 and prior allow access to a few audit directories without...
Critical, Unreviewed, CVE-2021-44514 was published Dec 10, 2021

Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an...
High, Unreviewed, CVE-2021-41311 was published Dec 9, 2021

Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira...
Moderate, Unreviewed, CVE-2021-41309 was published Dec 9, 2021

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone...
High, Unreviewed, CVE-2021-37054 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API.