GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,613 advisories
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0...
Critical | Unreviewed | CVE-2021-45501 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical | Unreviewed | CVE-2021-45504 was published Dec 27, 2021
Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that...
Moderate | Unreviewed | CVE-2022-26091 was published Apr 12, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is...
Critical | Unreviewed | CVE-2021-20158 was published Dec 31, 2021
NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass.
Critical | Unreviewed | CVE-2021-45495 was published Dec 27, 2021
Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical...
Moderate | Unreviewed | CVE-2022-25832 was published Apr 12, 2022
Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get...
Low | Unreviewed | CVE-2022-25833 was published Apr 12, 2022
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings...
Critical | Unreviewed | CVE-2021-46742 was published Apr 12, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical | Unreviewed | CVE-2021-45509 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45503 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical | Unreviewed | CVE-2021-45507 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45502 was published Dec 27, 2021
Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin...
Critical | Unreviewed | CVE-2021-44526 was published Dec 24, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
Critical | Unreviewed | CVE-2021-45497 was published Dec 27, 2021
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass.
Critical | Unreviewed | CVE-2021-45498 was published Dec 27, 2021
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC)...
Critical | Unreviewed | CVE-2022-20695 was published Apr 16, 2022
Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows...
Critical | Unreviewed | CVE-2021-29396 was published Feb 9, 2022
The device authentication service module has a defect vulnerability introduced in the design...
High | Unreviewed | CVE-2021-46740 was published Apr 12, 2022
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via ...
Critical | Unreviewed | CVE-2022-25226 was published Apr 19, 2022
Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus,...
Critical | Unreviewed | CVE-2021-29655 was published Feb 19, 2022
The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS...
Moderate | Unreviewed | CVE-2010-2927 was published May 17, 2022
Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious...
Critical | Unreviewed | CVE-2021-31932 was published Feb 12, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate | Unreviewed | CVE-2021-43950 was published Feb 16, 2022
A vulnerability within the authentication process of Abacus ERP allows a remote attacker to...
High | Unreviewed | CVE-2022-1065 was published Apr 20, 2022
Argo CD will blindly trust JWT claims if anonymous access is enabled
Critical | CVE-2022-29165 was published for github.com/argoproj/argo-cd (Go) May 24, 2022