GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,270
Erlang: 31
GitHub Actions: 21
Go: 2,046
Maven: 5,000+
npm: 3,737
NuGet: 663
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
953 advisories
The affected product’s configuration is vulnerable due to missing authentication, which may allow...
Critical | Unreviewed | CVE-2021-32930 was published May 24, 2022

An improper authentication vulnerability exists in the REST API functionality of Open Automation...
Critical | Unreviewed | CVE-2022-26833 was published May 26, 2022

An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of...
High | Unreviewed | CVE-2022-26303 was published May 26, 2022

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open...
Critical | Unreviewed | CVE-2022-26082 was published May 26, 2022

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable...
Critical | Unreviewed | CVE-2022-1368 was published Sep 7, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated...
High | Unreviewed | CVE-2021-33543 was published May 24, 2022

An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality...
High | Unreviewed | CVE-2022-27169 was published May 26, 2022

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an...
Moderate | Unreviewed | CVE-2022-30515 was published Nov 9, 2022

In D-link DIR-816 A2_v1.10CNB04.img, the network can be reset without authentication via /goform...
High | Unreviewed | CVE-2022-36619 was published Sep 1, 2022

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain...
Moderate | Unreviewed | CVE-2019-4337 was published May 24, 2022

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for...
High | Unreviewed | CVE-2022-41644 was published Nov 1, 2022

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated...
High | Unreviewed | CVE-2022-41776 was published Nov 1, 2022

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper...
High | Unreviewed | CVE-2022-41688 was published Nov 1, 2022

The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and...
Critical | Unreviewed | CVE-2022-40202 was published Nov 1, 2022

Missing authentication for critical function vulnerability in UNIMO Technology digital video...
Critical | Unreviewed | CVE-2022-35733 was published Aug 24, 2022

admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user...
High | Unreviewed | CVE-2009-1780 was published May 2, 2022

Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on...
Moderate | Unreviewed | CVE-2020-6294 was published May 24, 2022

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an...
High | Unreviewed | CVE-2022-37062 was published Aug 19, 2022

The memory management module has the logic bypass vulnerability. Successful exploitation of this...
High | Unreviewed | CVE-2021-46852 was published Nov 10, 2022

VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A...
Critical | Unreviewed | CVE-2022-31685 was published Nov 10, 2022

Registers used to store Modbus values can be read and written from the web interface without...
Critical | Unreviewed | CVE-2019-6533 was published May 13, 2022

ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060...
High | Unreviewed | CVE-2019-6542 was published May 13, 2022

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An...
High | Unreviewed | CVE-2018-17924 was published May 3, 2022

Multiple Version of TRUMPF TruTops products expose a service function without necessary...
Critical | Unreviewed | CVE-2022-1300 was published May 3, 2022

The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass...
High | Unreviewed | CVE-2007-0956 was published May 3, 2022