GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,544 advisories
ECP SAML binding bypasses authentication flows
High | CVE-2021-3827 was published for org.keycloak:keycloak-saml-core (Maven) Apr 27, 2022

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD...
High | Unreviewed | CVE-2017-2871 was published May 13, 2022

Improper Authentication in Mortbay Jetty
High | CVE-2007-5614 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022

Improper Authentication in Spring Security
High | CVE-2014-0097 was published for org.springframework.security:spring-security-core (Maven) May 13, 2022

An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney...
High | Unreviewed | CVE-2017-2914 was published May 13, 2022

A denial of service vulnerability exists in the SeaMax remote configuration functionality of...
High | Unreviewed | CVE-2021-21965 was published Feb 10, 2022

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD...
High | Unreviewed | CVE-2017-2872 was published May 13, 2022

An authentication bypass vulnerability exists in the process_msg() function of the home_security...
High | Unreviewed | CVE-2021-21953 was published Dec 23, 2021

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a...
High | Unreviewed | CVE-2021-21127 was published May 24, 2022

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324...
High | Unreviewed | CVE-2021-21125 was published May 24, 2022

An authentication issue was addressed with improved state management. This issue is fixed in...
High | Unreviewed | CVE-2020-29633 was published May 24, 2022

XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
High | CVE-2022-36092 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Sep 16, 2022

In ActivityTaskManagerService.startActivity() and AppTaskImpl.startActivity() of...
High | Unreviewed | CVE-2021-0571 was published May 24, 2022

Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an...
High | Unreviewed | CVE-2021-35941 was published May 24, 2022

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing...
High | Unreviewed | CVE-2021-26253 was published May 7, 2022

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain highly sensitive...
High | Unreviewed | CVE-2021-29747 was published May 24, 2022

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of...
High | Unreviewed | CVE-2020-7591 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0...
High | Unreviewed | CVE-2021-27173 was published May 24, 2022

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where...
High | Unreviewed | CVE-2020-21934 was published May 24, 2022

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated,...
High | Unreviewed | CVE-2021-1601 was published May 24, 2022

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0...
High | Unreviewed | CVE-2021-37172 was published May 24, 2022

IBM PowerVM Hypervisor FW940 and FW950 could allow an attacker to obtain sensitive information if...
High | Unreviewed | CVE-2021-29765 was published May 24, 2022

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass...
High | Unreviewed | CVE-2022-26865 was published May 27, 2022

XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
High | CVE-2022-36093 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022

In sendBugreportNotification of BugreportProgressService.java, there is a possible permission...
High | Unreviewed | CVE-2021-0570 was published May 24, 2022