GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,709
Maven: 5,000+
npm: 4,328
NuGet: 761
pip: 4,105
Pub: 12
RubyGems: 958
Rust: 1,065
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
882 advisories
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via ...
Critical | Unreviewed | CVE-2022-25226 was published Apr 19, 2022
Improper authentication vulnerability in the communication protocol provided by AD (Automation...
Critical | Unreviewed | CVE-2022-26034 was published Apr 16, 2022
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC)...
Critical | Unreviewed | CVE-2022-20695 was published Apr 16, 2022
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE...
Critical | Unreviewed | CVE-2022-22956 was published Apr 14, 2022
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE...
Critical | Unreviewed | CVE-2022-22955 was published Apr 14, 2022
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings...
Critical | Unreviewed | CVE-2021-46742 was published Apr 12, 2022
All programming connections receive the same unlocked privileges, which can result in a privilege...
Critical | Unreviewed | CVE-2021-32984 was published Apr 5, 2022
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is...
Critical | Unreviewed | CVE-2021-32986 was published Apr 5, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect...
Critical | Unreviewed | CVE-2021-32980 was published Apr 5, 2022
An issue in provider/libserver/ECKrbAuth.cpp of Kopano-Core v11.0.2.51 contains an issue which...
Critical | Unreviewed | CVE-2022-26562 was published Apr 2, 2022
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not...
Critical | Unreviewed | CVE-2022-23795 was published Mar 31, 2022
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker...
Critical | Unreviewed | CVE-2019-9564 was published Mar 31, 2022
A vulnerability classified as critical was found in SourceCodester One Church Management System 1...
Critical | Unreviewed | CVE-2022-1084 was published Mar 30, 2022
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware...
Critical | Unreviewed | CVE-2022-0342 was published Mar 29, 2022
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker...
Critical | Unreviewed | CVE-2022-1040 was published Mar 26, 2022
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication...
Critical | Unreviewed | CVE-2022-0547 was published Mar 19, 2022
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid"...
Critical | Unreviewed | CVE-2021-45786 was published Mar 17, 2022
YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user...
Critical | Unreviewed | CVE-2022-23383 was published Mar 11, 2022
A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to...
Critical | Unreviewed | CVE-2022-0715 was published Mar 10, 2022
Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.
Critical | Unreviewed | CVE-2022-0730 was published Mar 5, 2022
An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to...
Critical | Unreviewed | CVE-2021-36166 was published Mar 2, 2022
On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote...
Critical | Unreviewed | CVE-2022-25359 was published Feb 27, 2022
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
Critical | Unreviewed | CVE-2022-24331 was published Feb 26, 2022
In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
Critical | Unreviewed | CVE-2022-25262 was published Feb 26, 2022
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74,...
Critical | Unreviewed | CVE-2022-21142 was published Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API