GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
171 advisories
Even if the authentication fails for local service authentication, the requested command could...
Critical | Unreviewed | CVE-2022-46732 was published Jan 18, 2023
Navigating to a specific URL with a patient ID number will result in the server generating a PDF...
Moderate | Unreviewed | CVE-2022-1067 was published Apr 12, 2022
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service...
High | Unreviewed | CVE-2022-22189 was published Apr 15, 2022
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions...
Moderate | Unreviewed | CVE-2021-32958 was published May 24, 2022
The impacted products, when configured to use SSO, are affected by an improper authentication...
Critical | Unreviewed | CVE-2021-43935 was published Dec 16, 2021
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new...
Critical | Unreviewed | CVE-2021-32967 was published May 24, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical | Unreviewed | CVE-2022-35869 was published Jul 26, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate | Unreviewed | CVE-2020-17409 was published May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate | Unreviewed | CVE-2020-27863 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2020-27865 was published May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High | Unreviewed | CVE-2020-27866 was published May 24, 2022
ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated...
Critical | Unreviewed | CVE-2021-41292 was published May 24, 2022
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an...
Critical | Unreviewed | CVE-2021-36308 was published May 24, 2022
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication...
Critical | Unreviewed | CVE-2021-27453 was published Dec 22, 2021
An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any...
Critical | Unreviewed | CVE-2021-43985 was published Dec 24, 2021
The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires...
High | Unreviewed | CVE-2021-33017 was published Dec 28, 2021
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical | Unreviewed | CVE-2022-24047 was published Feb 19, 2022
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster...
High | Unreviewed | CVE-2018-10841 was published May 13, 2022
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's...
High | Unreviewed | CVE-2021-35530 was published Jun 8, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
Moderate | Unreviewed | CVE-2020-15633 was published May 24, 2022
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service...
Moderate | Unreviewed | CVE-2022-23719 was published Jul 1, 2022
Use of static encryption key material allows forging an authentication token to other users...
High | Unreviewed | CVE-2022-23724 was published May 5, 2022
SQL injection and file upload attacks are possible due to insufficient validation of input values...
Critical | Unreviewed | CVE-2021-26634 was published Jun 3, 2022
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry...
Moderate | Unreviewed | CVE-2022-23725 was published Jul 1, 2022
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service...
High | Unreviewed | CVE-2022-2031 was published Aug 26, 2022
ProTip! Advisories are also available from the GraphQL API.