GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
1,414 advisories
StarWind SAN and NAS before 0.2 build 1685 allows users to reset other users' passwords.
Severity: High. Unreviewed. CVE-2022-24551 was published Feb 12, 2022.

Improper validation of program headers containing ELF metadata can lead to image verification...
Severity: High. Unreviewed. CVE-2021-30317 was published Feb 12, 2022.

A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution...
Severity: High. Unreviewed. CVE-2021-22796 was published Feb 12, 2022.

A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel...
Severity: High. Unreviewed. CVE-2021-21964 was published Feb 10, 2022.

A denial of service vulnerability exists in the SeaMax remote configuration functionality of...
Severity: High. Unreviewed. CVE-2021-21965 was published Feb 10, 2022.

An authenticated and authorized agent user could potentially gain administrative access via an...
Severity: High. Unreviewed. CVE-2022-0366 was published Feb 8, 2022.

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication...
Severity: High. Unreviewed. CVE-2021-45735 was published Feb 5, 2022.

This vulnerability allows network-adjacent attackers to bypass authentication on affected...
Severity: High. Unreviewed. CVE-2021-34865 was published Jan 26, 2022.

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute...
Severity: High. Unreviewed. CVE-2022-23220 was published Jan 22, 2022.

SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers...
Severity: High. Unreviewed. CVE-2021-38696 was published Jan 19, 2022.

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue,...
Severity: High. Unreviewed. CVE-2021-25036 was published Jan 18, 2022.

A limited authentication bypass vulnerability was discovered that could allow an attacker to...
Severity: High. Unreviewed. CVE-2022-22990 was published Jan 14, 2022.

This vulnerability allows network-adjacent attackers to bypass authentication on affected...
Severity: High. Unreviewed. CVE-2021-34977 was published Jan 14, 2022.

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART...
Severity: High. Unreviewed. CVE-2021-23147 was published Dec 31, 2021.

An improper authentication vulnerability has been reported to affect Android App Qfile. If...
Severity: High. Unreviewed. CVE-2021-38688 was published Dec 30, 2021.

Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3...
Severity: High. Unreviewed. CVE-2021-45499 was published Dec 27, 2021.

Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3...
Severity: High. Unreviewed. CVE-2021-45500 was published Dec 27, 2021.

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
Severity: High. Unreviewed. CVE-2021-45502 was published Dec 27, 2021.

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
Severity: High. Unreviewed. CVE-2021-45503 was published Dec 27, 2021.

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
Severity: High. Unreviewed. CVE-2021-45505 was published Dec 27, 2021.

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
Severity: High. Unreviewed. CVE-2021-45506 was published Dec 27, 2021.

NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.
Severity: High. Unreviewed. CVE-2021-45510 was published Dec 27, 2021.

An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett...
Severity: High. Unreviewed. CVE-2021-21902 was published Dec 23, 2021.

An authentication bypass vulnerability exists in the process_msg() function of the home_security...
Severity: High. Unreviewed. CVE-2021-21953 was published Dec 23, 2021.

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary...
Severity: High. Unreviewed. CVE-2021-36350 was published Dec 22, 2021.
ProTip! Advisories are also available from the GraphQL API.