GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,030 advisories
Filter by severity
A vulnerability in the web application of Cisco Common Services Platform Collector (CSPC) could...
Moderate
Unreviewed
CVE-2021-40130
was published
Nov 20, 2021
IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the...
Moderate
Unreviewed
CVE-2021-29779
was published
Dec 2, 2021
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira...
Moderate
Unreviewed
CVE-2021-41309
was published
Dec 9, 2021
Lack of an access control check in the External Status Check feature allowed any authenticated...
Moderate
Unreviewed
CVE-2021-39916
was published
Dec 14, 2021
In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for...
Moderate
Unreviewed
CVE-2021-44848
was published
Dec 14, 2021
Sysaid API User Enumeration - Attacker sending requests to specific api path without any...
Moderate
Unreviewed
CVE-2021-36721
was published
Dec 15, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from...
Moderate
Unreviewed
CVE-2021-20150
was published
Dec 31, 2021
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers...
Moderate
Unreviewed
CVE-2021-43946
was published
Jan 6, 2022
Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to...
Moderate
Unreviewed
CVE-2022-22289
was published
Jan 11, 2022
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to...
Moderate
Unreviewed
CVE-2022-22284
was published
Jan 11, 2022
Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without...
Moderate
Unreviewed
CVE-2021-33843
was published
Jan 22, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super...
Moderate
Unreviewed
CVE-2022-23134
was published
Feb 9, 2022
Microsoft SharePoint Server Security Feature BypassVulnerability.
Moderate
Unreviewed
CVE-2022-21968
was published
Feb 10, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate
Unreviewed
CVE-2021-43950
was published
Feb 16, 2022
An authorization bypass exploited by a user-controlled key in SpecificApps REST API in...
Moderate
Unreviewed
CVE-2021-46249
was published
Feb 17, 2022
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this...
Moderate
Unreviewed
CVE-2016-2124
was published
Feb 19, 2022
The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST...
Moderate
Unreviewed
CVE-2020-14504
was published
Feb 25, 2022
The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access...
Moderate
Unreviewed
CVE-2022-23849
was published
Mar 4, 2022
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a...
Moderate
Unreviewed
CVE-2022-23232
was published
Mar 5, 2022
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate
Unreviewed
CVE-2022-0755
was published
Mar 8, 2022
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows...
Moderate
Unreviewed
CVE-2022-25825
was published
Mar 11, 2022
Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1...
Moderate
Unreviewed
CVE-2022-25816
was published
Mar 11, 2022
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise...
Moderate
Unreviewed
CVE-2022-0862
was published
Mar 24, 2022
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4,...
Moderate
Unreviewed
CVE-2021-4191
was published
Mar 29, 2022
ProTip!
Advisories are also available from the
GraphQL API