GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,619 advisories
Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3...
High | Unreviewed | CVE-2021-45500 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45505 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical | Unreviewed | CVE-2021-45508 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45506 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3...
High | Unreviewed | CVE-2021-45499 was published Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.
High | Unreviewed | CVE-2021-45510 was published Dec 27, 2021
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,...
High | Unreviewed | CVE-2021-43483 was published Apr 9, 2022
All programming connections receive the same unlocked privileges, which can result in a privilege...
Critical | Unreviewed | CVE-2021-32984 was published Apr 5, 2022
Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11...
Moderate | Unreviewed | CVE-2022-1148 was published Apr 5, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and...
High | Unreviewed | CVE-2022-25915 was published Apr 1, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect...
Critical | Unreviewed | CVE-2021-32980 was published Apr 5, 2022
Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A...
Moderate | Unreviewed | CVE-2022-23156 was published Apr 2, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):...
High | Unreviewed | CVE-2022-23699 was published Apr 5, 2022
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker...
Critical | Unreviewed | CVE-2019-9564 was published Mar 31, 2022
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,...
High | Unreviewed | CVE-2021-40826 was published Dec 16, 2021
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code...
Critical | Unreviewed | CVE-2021-44515 was published Dec 13, 2021
Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the...
Moderate | Unreviewed | CVE-2021-45900 was published Apr 1, 2022
A vulnerability classified as critical was found in SourceCodester One Church Management System 1...
Critical | Unreviewed | CVE-2022-1084 was published Mar 30, 2022
Improper cleaning of secure memory between authenticated users can lead to face authentication...
High | Unreviewed | CVE-2021-1950 was published Apr 2, 2022
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not...
Critical | Unreviewed | CVE-2022-23795 was published Mar 31, 2022
In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass....
High | Unreviewed | CVE-2021-0649 was published Dec 16, 2021
Lack of an access control check in the External Status Check feature allowed any authenticated...
Moderate | Unreviewed | CVE-2021-39916 was published Dec 14, 2021
Sysaid API User Enumeration - Attacker sending requests to specific api path without any...
Moderate | Unreviewed | CVE-2021-36721 was published Dec 15, 2021
Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the ...
High | Unreviewed | CVE-2021-40856 was published Dec 14, 2021
In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for...
Moderate | Unreviewed | CVE-2021-44848 was published Dec 14, 2021
ProTip! Advisories are also available from the GraphQL API.