GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
87 advisories
Filter by severity
Confd log files contain local users', including root’s, SHA512crypt password hashes with...
High
Unreviewed
CVE-2022-0652
was published
Mar 23, 2022
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is...
High
Unreviewed
CVE-2021-27935
was published
May 24, 2022
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could...
High
Unreviewed
CVE-2022-22452
was published
Jul 15, 2022
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application...
High
Unreviewed
CVE-2022-38491
was published
Jan 10, 2023
Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative...
High
Unreviewed
CVE-2022-45893
was published
Dec 25, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
High
Unreviewed
CVE-2022-24044
was published
May 21, 2022
Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows...
High
Unreviewed
CVE-2022-26964
was published
Dec 26, 2022
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by...
High
Unreviewed
CVE-2022-4006
was published
Nov 16, 2022
A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS...
High
Unreviewed
CVE-2020-15786
was published
May 24, 2022
In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force...
High
Unreviewed
CVE-2020-35585
was published
May 24, 2022
Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows...
High
Unreviewed
CVE-2020-27423
was published
May 24, 2022
In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement...
High
Unreviewed
CVE-2021-3138
was published
May 24, 2022
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a...
High
Unreviewed
CVE-2021-27188
was published
May 24, 2022
In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using...
High
Unreviewed
CVE-2020-35586
was published
May 24, 2022
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE...
High
Unreviewed
CVE-2021-25676
was published
May 24, 2022
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to...
High
Unreviewed
CVE-2020-26556
was published
May 24, 2022
It was found that all versions of 3Scale developer portal lacked brute force protections. An...
High
Unreviewed
CVE-2021-3412
was published
May 24, 2022
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
High
Unreviewed
CVE-2021-28127
was published
May 24, 2022
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker...
High
Unreviewed
CVE-2020-23283
was published
May 24, 2022
An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to...
High
Unreviewed
CVE-2021-35472
was published
May 24, 2022
The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and...
High
Unreviewed
CVE-2021-27943
was published
May 24, 2022
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote...
High
Unreviewed
CVE-2021-20427
was published
May 24, 2022
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on...
High
Unreviewed
CVE-2021-22003
was published
May 24, 2022
Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts...
High
Unreviewed
CVE-2022-37772
was published
Nov 23, 2022
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network...
High
Unreviewed
CVE-2022-23746
was published
Nov 30, 2022
ProTip!
Advisories are also available from the
GraphQL API