GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,612
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,989
Maven 5,170
npm 3,705
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,313

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,258 advisories

Filter by severity

Sort by

Least recently updated

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed

CVE-2021-20861 was published Dec 2, 2021

Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local... High Unreviewed

CVE-2022-24286 was published Mar 11, 2022

Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.... High Unreviewed

CVE-2022-24285 was published Mar 11, 2022

otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated... High Unreviewed

CVE-2021-40376 was published Mar 11, 2022

TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method... High Unreviewed

CVE-2021-44032 was published Mar 11, 2022

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate... High Unreviewed

CVE-2022-22729 was published Mar 12, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates... High Unreviewed

CVE-2021-41848 was published Mar 13, 2022

Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used... High Unreviewed

CVE-2022-26504 was published Mar 18, 2022

Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition ... High Unreviewed

CVE-2011-0688 was published May 17, 2022

The server components in Objectivity/DB 10.0 do not require authentication for administrative... High Unreviewed

CVE-2011-0489 was published May 17, 2022

The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x... High Unreviewed

CVE-2011-0383 was published May 17, 2022

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication... High Unreviewed

CVE-2011-0380 was published May 17, 2022

The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1... High Unreviewed

CVE-2011-0384 was published May 17, 2022

Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for... High Unreviewed

CVE-2011-0392 was published May 17, 2022

Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an... High Unreviewed

CVE-2021-44759 was published Mar 24, 2022

An improper authentication vulnerability leading to information leakage was discovered in iptime... High Unreviewed

CVE-2021-26620 was published Mar 26, 2022

The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not... High Unreviewed

CVE-2010-3905 was published May 17, 2022

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the ... High Unreviewed

CVE-2021-40856 was published Dec 14, 2021

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass.... High Unreviewed

CVE-2021-0649 was published Dec 16, 2021

Improper cleaning of secure memory between authenticated users can lead to face authentication... High Unreviewed

CVE-2021-1950 was published Apr 2, 2022

Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,... High Unreviewed

CVE-2021-40826 was published Dec 16, 2021

A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):... High Unreviewed

CVE-2022-23699 was published Apr 5, 2022

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed

CVE-2022-25915 was published Apr 1, 2022

An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,... High Unreviewed

CVE-2021-43483 was published Apr 9, 2022

Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3... High Unreviewed

CVE-2021-45499 was published Dec 27, 2021

Previous 1 2 3 4 5 … 50 51 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,258 advisories