GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 4,968
  Erlang: 39
  GitHub Actions: 38
  Go: 2,616
  Maven: 5,000+
  npm: 4,255
  NuGet: 760
  pip: 4,040
  Pub: 12
  RubyGems: 953
  Rust: 1,050
  Swift: 45
Unreviewed advisories
  All unreviewed: 5,000+

            482 advisories
                    
The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as...
Critical | Unreviewed | CVE-2022-2242 was published Aug 11, 2022

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring...
Critical | Unreviewed | CVE-2020-25563 was published May 24, 2022

The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user...
Critical | Unreviewed | CVE-2021-37843 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 (...
Critical | Unreviewed | CVE-2021-22772 was published May 24, 2022

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote...
Critical | Unreviewed | CVE-2022-28719 was published Apr 29, 2022

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or...
Critical | Unreviewed | CVE-2021-36124 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are...
Critical | Unreviewed | CVE-2021-33221 was published May 24, 2022

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does...
Critical | Unreviewed | CVE-2021-31337 was published May 24, 2022

Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier...
Critical | Unreviewed | CVE-2021-20697 was published May 24, 2022

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated...
Critical | Unreviewed | CVE-2021-23847 was published May 24, 2022

The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,...
Critical | Unreviewed | CVE-2020-28899 was published May 24, 2022

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise...
Critical | Unreviewed | CVE-2021-36888 was published Dec 16, 2021

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
Critical | Unreviewed | CVE-2021-30190 was published May 24, 2022

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,...
Critical | Unreviewed | CVE-2021-1393 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** Broken Access Control in User Authentication in Avaya Scopia...
Critical | Unreviewed | CVE-2022-38168 was published Nov 4, 2022

In multiple managed switches by WAGO in different versions without authorization and with...
Critical | Unreviewed | CVE-2021-20998 was published May 24, 2022

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for...
Critical | Unreviewed | CVE-2020-4958 was published May 24, 2022

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database,...
Critical | Unreviewed | CVE-2020-36333 was published May 24, 2022

An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive...
Critical | Unreviewed | CVE-2021-26705 was published May 24, 2022

The official vault docker images before 0.11.6 contain a blank password for a root user. System...
Critical | Unreviewed | CVE-2020-35192 was published May 24, 2022

The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank...
Critical | Unreviewed | CVE-2020-35197 was published May 24, 2022

The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password...
Critical | Unreviewed | CVE-2020-35189 was published May 24, 2022

The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a...
Critical | Unreviewed | CVE-2020-35190 was published May 24, 2022

The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank...
Critical | Unreviewed | CVE-2020-35195 was published May 24, 2022

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing...
Critical | Unreviewed | CVE-2021-22652 was published May 24, 2022
        
ProTip! Advisories are also available from the GraphQL API.