Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

777 advisories

Loading
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
It was possible to bypass 2FA for LDAP users and access some specific pages with Basic... Critical Unreviewed
CVE-2021-39890 was published Dec 7, 2021
The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be... Critical Unreviewed
CVE-2021-43931 was published Dec 7, 2021
Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable... Critical Unreviewed
CVE-2021-41716 was published Dec 8, 2021
ManageEngine's OpUtils 12.5.556 and prior allow access to a few audit directories without... Critical Unreviewed
CVE-2021-44514 was published Dec 10, 2021
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code... Critical Unreviewed
CVE-2021-44515 was published Dec 13, 2021
An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not... Critical Unreviewed
CVE-2021-44152 was published Dec 14, 2021
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as... Critical Unreviewed
CVE-2021-4073 was published Dec 15, 2021
glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php. Critical Unreviewed
CVE-2021-44949 was published Dec 15, 2021
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated... Critical Unreviewed
CVE-2021-44524 was published Dec 15, 2021
The impacted products, when configured to use SSO, are affected by an improper authentication... Critical Unreviewed
CVE-2021-43935 was published Dec 16, 2021
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass... Critical Unreviewed
CVE-2021-22057 was published Dec 21, 2021
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated... Critical Unreviewed
CVE-2021-44675 was published Dec 21, 2021
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible... Critical Unreviewed
CVE-2021-27451 was published Dec 22, 2021
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality... Critical Unreviewed
CVE-2021-21952 was published Dec 23, 2021
Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin... Critical Unreviewed
CVE-2021-44526 was published Dec 24, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08... Critical Unreviewed
CVE-2021-45511 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45509 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45508 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45507 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45504 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0... Critical Unreviewed
CVE-2021-45501 was published Dec 27, 2021
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45498 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45497 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45496 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database