Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

953 advisories

Loading
In multiple managed switches by WAGO in different versions without authorization and with... Critical Unreviewed
CVE-2021-20998 was published May 24, 2022
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a... High Unreviewed
CVE-2021-25312 was published May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED **Broken Access Control in User Authentication in Avaya Scopia... Critical Unreviewed
CVE-2022-38168 was published Nov 4, 2022
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default... High Unreviewed
CVE-2020-10537 was published May 24, 2022
Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without... Moderate Unreviewed
CVE-2021-33843 was published Jan 22, 2022
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,... Critical Unreviewed
CVE-2021-1393 was published May 24, 2022
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,... Moderate Unreviewed
CVE-2021-1396 was published May 24, 2022
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate... High Unreviewed
CVE-2020-27225 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-27255 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. Critical Unreviewed
CVE-2021-30190 was published May 24, 2022
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise... Critical Unreviewed
CVE-2021-36888 was published Dec 16, 2021
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.... Moderate Unreviewed
CVE-2021-22316 was published May 24, 2022
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.... High Unreviewed
CVE-2021-22322 was published May 24, 2022
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,... Critical Unreviewed
CVE-2020-28899 was published May 24, 2022
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated... Critical Unreviewed
CVE-2021-23847 was published May 24, 2022
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum... High Unreviewed
CVE-2021-22995 was published May 24, 2022
Ballerina is an open source programming language and platform for cloud application programmers.... High Unreviewed
CVE-2021-32700 was published May 24, 2022
Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier... Critical Unreviewed
CVE-2021-20697 was published May 24, 2022
Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function... High Unreviewed
CVE-2021-21535 was published May 24, 2022
A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel... High Unreviewed
CVE-2021-21964 was published Feb 10, 2022
White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability. The... Moderate Unreviewed
CVE-2020-20472 was published May 24, 2022
Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows... Moderate Unreviewed
CVE-2018-16758 was published May 13, 2022
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does... Critical Unreviewed
CVE-2021-31337 was published May 24, 2022
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are... Critical Unreviewed
CVE-2021-33221 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for... High Unreviewed
CVE-2021-20474 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database