GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,052 advisories
Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by...
Moderate | Unreviewed | CVE-2021-45035 was published Sep 25, 2022

An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that...
Moderate | Unreviewed | CVE-2022-30124 was published Sep 25, 2022

Improper authentication in firmware for some Intel(R) SSD DC Products may allow an...
Moderate | Unreviewed | CVE-2021-33076 was published Sep 21, 2022

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. LAN attackers can...
Moderate | Unreviewed | CVE-2022-38081 was published Sep 10, 2022

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. Local attackers can...
Moderate | Unreviewed | CVE-2022-38064 was published Sep 10, 2022

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored...
Moderate | Unreviewed | CVE-2022-27968 was published Sep 9, 2022

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy...
Moderate | Unreviewed | CVE-2022-27969 was published Sep 9, 2022

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded...
Moderate | Unreviewed | CVE-2022-27967 was published Sep 9, 2022

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access...
Moderate | Unreviewed | CVE-2022-23691 was published Sep 7, 2022

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the...
Moderate | Unreviewed | CVE-2021-3979 was published Aug 26, 2022

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few...
Moderate | Unreviewed | CVE-2021-4142 was published Aug 25, 2022

The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before...
Moderate | Unreviewed | CVE-2022-2552 was published Aug 23, 2022

Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this...
Moderate | Unreviewed | CVE-2022-2503 was published Aug 13, 2022

Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated...
Moderate | Unreviewed | CVE-2022-29083 was published Aug 10, 2022

Broken Authentication vulnerability in JumpDEMAND Inc. ActiveDEMAND plugin <= 0.2.27 at WordPress...
Moderate | Unreviewed | CVE-2022-36296 was published Aug 6, 2022

Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0...
Moderate | Unreviewed | CVE-2022-2675 was published Aug 6, 2022

Due to a bug in the handling of the communication between the client and server, it was possible...
Moderate | Unreviewed | CVE-2022-35629 was published Jul 30, 2022

The authfile directive in the booth config file is ignored, preventing use of authentication in...
Moderate | Unreviewed | CVE-2022-2553 was published Jul 29, 2022

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers...
Moderate | Unreviewed | CVE-2022-34575 was published Jul 26, 2022

An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the...
Moderate | Unreviewed | CVE-2022-28860 was published Jul 22, 2022

Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1...
Moderate | Unreviewed | CVE-2022-28666 was published Jul 22, 2022

The OAuth Single Sign On WordPress plugin before 6.22.6 doesn't validate that OAuth access token...
Moderate | Unreviewed | CVE-2022-2133 was published Jul 18, 2022

A flaw was found in pki-core, which could allow a user to get a certificate for another user...
Moderate | Unreviewed | CVE-2022-2393 was published Jul 15, 2022

Improper permission control vulnerability in the Bluetooth module. Successful exploitation of this...
Moderate | Unreviewed | CVE-2021-40013 was published Jul 13, 2022

Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the...
Moderate | Unreviewed | CVE-2022-1955 was published Jul 1, 2022
ProTip! Advisories are also available from the GraphQL API.