GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,161
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
164 advisories
Filter by severity
Even if the authentication fails for local service authentication, the requested command could...
Critical
Unreviewed
CVE-2022-46732
was published
Jan 18, 2023
An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus...
High
Unreviewed
CVE-2022-47578
was published
Dec 20, 2022
Unauthorized access to Gateway user capabilities
Critical
Unreviewed
CVE-2022-27510
was published
Nov 9, 2022
XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
High
CVE-2022-36093
was published
for
org.xwiki.platform:xwiki-platform-web
(Maven)
Sep 16, 2022
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service...
High
Unreviewed
CVE-2022-2031
was published
Aug 26, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical
Unreviewed
CVE-2022-35869
was published
Jul 26, 2022
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service...
Moderate
Unreviewed
CVE-2022-23719
was published
Jul 1, 2022
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry...
Moderate
Unreviewed
CVE-2022-23725
was published
Jul 1, 2022
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's...
High
Unreviewed
CVE-2021-35530
was published
Jun 8, 2022
SQL injection and file upload attacks are possible due to insufficient validation of input values...
Critical
Unreviewed
CVE-2021-26634
was published
Jun 3, 2022
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an...
Critical
Unreviewed
CVE-2021-36308
was published
May 24, 2022
ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated...
Critical
Unreviewed
CVE-2021-41292
was published
May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new...
Critical
Unreviewed
CVE-2021-32967
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2020-27866
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2020-27863
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2020-27865
was published
May 24, 2022
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote...
Critical
Unreviewed
CVE-2020-10148
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2020-17409
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
Moderate
Unreviewed
CVE-2020-15633
was published
May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability....
Critical
Unreviewed
CVE-2019-3758
was published
May 24, 2022
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to...
High
Unreviewed
CVE-2019-13526
was published
May 24, 2022
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions...
Moderate
Unreviewed
CVE-2021-32958
was published
May 24, 2022
Authentication Bypass Using an Alternate Path or Channel in SpringSource Spring Security and Acegi Security
Moderate
CVE-2010-3700
was published
for
org.acegisecurity:acegi-security
(Maven)
May 14, 2022
Moodle Authentication Bypass in Question-Bank
Moderate
CVE-2012-2356
was published
for
moodle/moodle
(Composer)
May 13, 2022
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster...
High
Unreviewed
CVE-2018-10841
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API