GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+

1,414 advisories

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication...
High, Unreviewed. CVE-2021-45735 was published Feb 5, 2022

Real-time image information exposure is caused by insufficient authentication for activated RTSP...
High, Unreviewed. CVE-2021-26627 was published Apr 20, 2022

ECP SAML binding bypasses authentication flows
High. CVE-2021-3827 was published for org.keycloak:keycloak-saml-core (Maven) Apr 27, 2022

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD...
High, Unreviewed. CVE-2017-2871 was published May 13, 2022

Improper Authentication in Mortbay Jetty
High. CVE-2007-5614 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022

Improper Authentication in Spring Security
High. CVE-2014-0097 was published for org.springframework.security:spring-security-core (Maven) May 13, 2022

An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney...
High, Unreviewed. CVE-2017-2914 was published May 13, 2022

A denial of service vulnerability exists in the SeaMax remote configuration functionality of...
High, Unreviewed. CVE-2021-21965 was published Feb 10, 2022

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD...
High, Unreviewed. CVE-2017-2872 was published May 13, 2022

An authentication bypass vulnerability exists in the process_msg() function of the home_security...
High, Unreviewed. CVE-2021-21953 was published Dec 23, 2021

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a...
High, Unreviewed. CVE-2021-21127 was published May 24, 2022

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324...
High, Unreviewed. CVE-2021-21125 was published May 24, 2022

An authentication issue was addressed with improved state management. This issue is fixed in...
High, Unreviewed. CVE-2020-29633 was published May 24, 2022

XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
High. CVE-2022-36092 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Sep 16, 2022

In ActivityTaskManagerService.startActivity() and AppTaskImpl.startActivity() of...
High, Unreviewed. CVE-2021-0571 was published May 24, 2022

Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an...
High, Unreviewed. CVE-2021-35941 was published May 24, 2022

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing...
High, Unreviewed. CVE-2021-26253 was published May 7, 2022

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker...
High, Unreviewed. CVE-2020-4427 was published May 24, 2022

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain highly sensitive...
High, Unreviewed. CVE-2021-29747 was published May 24, 2022

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of...
High, Unreviewed. CVE-2020-7591 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0...
High, Unreviewed. CVE-2021-27173 was published May 24, 2022

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated,...
High, Unreviewed. CVE-2021-1601 was published May 24, 2022

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where...
High, Unreviewed. CVE-2020-21934 was published May 24, 2022

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass...
High, Unreviewed. CVE-2022-26865 was published May 27, 2022

IBM PowerVM Hypervisor FW940 and FW950 could allow an attacker to obtain sensitive information if...
High, Unreviewed. CVE-2021-29765 was published May 24, 2022