Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,861 advisories

Loading
The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed
CVE-2021-23196 was published Jan 22, 2022
Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without... Moderate Unreviewed
CVE-2021-33843 was published Jan 22, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to... Critical Unreviewed
CVE-2021-43355 was published Jan 22, 2022
Improper Access Control in Onionshare Moderate
CVE-2022-21692 was published for onionshare-cli (pip) Jan 21, 2022
Improper Access Control in Onionshare Moderate
CVE-2022-21695 was published for onionshare-cli (pip) Jan 21, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9... Critical Unreviewed
CVE-2021-44757 was published Jan 19, 2022
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable... Critical Unreviewed
CVE-2021-22566 was published Jan 19, 2022
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers... High Unreviewed
CVE-2021-38696 was published Jan 19, 2022
The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue,... High Unreviewed
CVE-2021-25036 was published Jan 18, 2022
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web... Critical Unreviewed
CVE-2022-23178 was published Jan 16, 2022
Some Dahua products have access control vulnerability in the password reset process. Attackers... Critical Unreviewed
CVE-2021-33046 was published Jan 14, 2022
A limited authentication bypass vulnerability was discovered that could allow an attacker to... High Unreviewed
CVE-2022-22990 was published Jan 14, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2021-34977 was published Jan 14, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2021-34993 was published Jan 14, 2022
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to... Moderate Unreviewed
CVE-2022-22284 was published Jan 11, 2022
Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to... Moderate Unreviewed
CVE-2022-22289 was published Jan 11, 2022
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers... Moderate Unreviewed
CVE-2021-43946 was published Jan 6, 2022
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows... Critical Unreviewed
CVE-2021-45389 was published Jan 5, 2022
The server-request receiver function of Shockwall system has an improper authentication... Critical Unreviewed
CVE-2021-45917 was published Jan 4, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from... Moderate Unreviewed
CVE-2021-20150 was published Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is... Critical Unreviewed
CVE-2021-20158 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART... High Unreviewed
CVE-2021-23147 was published Dec 31, 2021
An improper authentication vulnerability has been reported to affect Android App Qfile. If... High Unreviewed
CVE-2021-38688 was published Dec 30, 2021
basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive... Critical Unreviewed
CVE-2021-45890 was published Dec 28, 2021
NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45495 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database