Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,439 advisories

Loading
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2022-25915 was published Apr 1, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):... High Unreviewed
CVE-2022-23699 was published Apr 5, 2022
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,... High Unreviewed
CVE-2021-40826 was published Dec 16, 2021
Improper cleaning of secure memory between authenticated users can lead to face authentication... High Unreviewed
CVE-2021-1950 was published Apr 2, 2022
In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass.... High Unreviewed
CVE-2021-0649 was published Dec 16, 2021
Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the ... High Unreviewed
CVE-2021-40856 was published Dec 14, 2021
The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not... High Unreviewed
CVE-2010-3905 was published May 17, 2022
An improper authentication vulnerability leading to information leakage was discovered in iptime... High Unreviewed
CVE-2021-26620 was published Mar 26, 2022
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an... High Unreviewed
CVE-2021-44759 was published Mar 24, 2022
Account Takeover in Octobercms High
CVE-2021-32648 was published for october/system (Composer) Aug 30, 2021
Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verification High
CVE-2021-41129 was published for pterodactyl/panel (Composer) Oct 4, 2021
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for... High Unreviewed
CVE-2011-0392 was published May 17, 2022
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication... High Unreviewed
CVE-2011-0380 was published May 17, 2022
The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1... High Unreviewed
CVE-2011-0384 was published May 17, 2022
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x... High Unreviewed
CVE-2011-0383 was published May 17, 2022
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition ... High Unreviewed
CVE-2011-0688 was published May 17, 2022
The server components in Objectivity/DB 10.0 do not require authentication for administrative... High Unreviewed
CVE-2011-0489 was published May 17, 2022
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used... High Unreviewed
CVE-2022-26504 was published Mar 18, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates... High Unreviewed
CVE-2021-41848 was published Mar 13, 2022
CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate... High Unreviewed
CVE-2022-22729 was published Mar 12, 2022
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method... High Unreviewed
CVE-2021-44032 was published Mar 11, 2022
otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated... High Unreviewed
CVE-2021-40376 was published Mar 11, 2022
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.... High Unreviewed
CVE-2022-24285 was published Mar 11, 2022
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local... High Unreviewed
CVE-2022-24286 was published Mar 11, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2021-20861 was published Dec 2, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database