GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
873 advisories
EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x,...
Critical | Unreviewed | CVE-2017-2767 was published May 17, 2022
A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System...
Critical | Unreviewed | CVE-2022-28620 was published Jun 25, 2022
Multiple Lenze products of the cabinet series skip the password verification upon second login....
Critical | Unreviewed | CVE-2022-2302 was published Jul 12, 2022
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to...
Critical | Unreviewed | CVE-2022-24562 was published Jun 17, 2022
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside...
Critical | Unreviewed | CVE-2021-40903 was published Jun 18, 2022
An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750...
Critical | Unreviewed | CVE-2016-9362 was published May 17, 2022
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in...
Critical | Unreviewed | CVE-2016-7836 was published May 17, 2022
Improper Authentication vulnerability in S&D smarthome(smartcare) application can cause...
Critical | Unreviewed | CVE-2021-26638 was published Jun 24, 2022
By using a specific credential string, an attacker with network access to the device’s web...
Critical | Unreviewed | CVE-2022-2197 was published Jul 1, 2022
An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force...
Critical | Unreviewed | CVE-2022-22487 was published Jul 1, 2022
Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync...
Critical | Unreviewed | CVE-2021-46825 was published Jul 8, 2022
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight...
Critical | Unreviewed | CVE-2015-1778 was published May 17, 2022
D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to...
Critical | Unreviewed | CVE-2017-9542 was published May 17, 2022
The web application on Agilia Link+ version 3.0 implements authentication and session management...
Critical | Unreviewed | CVE-2021-23196 was published Jan 22, 2022
In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass...
Critical | Unreviewed | CVE-2016-10309 was published May 17, 2022
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an...
Critical | Unreviewed | CVE-2017-4989 was published May 17, 2022
Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors...
Critical | Unreviewed | CVE-2016-1219 was published May 17, 2022
Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network...
Critical | Unreviewed | CVE-2016-4926 was published May 17, 2022
A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13....
Critical | Unreviewed | CVE-2017-20133 was published Jul 17, 2022
An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer...
Critical | Unreviewed | CVE-2021-40874 was published Jul 19, 2022
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0....
Critical | Unreviewed | CVE-2016-8347 was published May 17, 2022
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions...
Critical | Unreviewed | CVE-2016-9361 was published May 17, 2022
In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to...
Critical | Unreviewed | CVE-2022-36412 was published Jul 27, 2022
An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2....
Critical | Unreviewed | CVE-2022-34907 was published Jul 26, 2022
The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to...
Critical | Unreviewed | CVE-2016-7145 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.