GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
993 advisories
ForgeRock Access Management (AM) before 7.0.2, when configured with Active Directory as the...
Critical · Unreviewed · CVE-2021-37153 was published May 24, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10...
Critical · Unreviewed · CVE-2021-38513 was published May 24, 2022
A Use of Password Hash Instead of Password for Authentication vulnerability in cryptctl of SUSE...
Critical · Unreviewed · CVE-2019-18906 was published May 24, 2022
Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated Remote Code...
Critical · Unreviewed · CVE-2021-28958 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
Critical · Unreviewed · CVE-2021-1468 was published May 24, 2022
In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local...
Critical · Unreviewed · CVE-2021-27651 was published May 24, 2022
IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data...
Critical · Unreviewed · CVE-2020-4670 was published May 24, 2022
A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu...
Critical · Unreviewed · CVE-2021-35324 was published May 24, 2022
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP...
Critical · Unreviewed · CVE-2020-22001 was published May 24, 2022
The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user...
Critical · Unreviewed · CVE-2021-28503 was published Feb 10, 2022
Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper...
Critical · Unreviewed · CVE-2022-24422 was published May 27, 2022
A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.0. The WebUI component...
Critical · Unreviewed · CVE-2021-28122 was published May 24, 2022
NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in ...
Critical · Unreviewed · CVE-2021-35973 was published May 24, 2022
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also...
Critical · Unreviewed · CVE-2021-29203 was published May 24, 2022
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is an Authentication...
Critical · Unreviewed · CVE-2020-35758 was published May 24, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2,...
Critical · Unreviewed · CVE-2021-29067 was published May 24, 2022
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin...
Critical · Unreviewed · CVE-2020-29563 was published May 24, 2022
The Weintek cMT product line is vulnerable to various improper access controls, which may allow...
Critical · Unreviewed · CVE-2021-27444 was published May 17, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.17...
Critical · Unreviewed · CVE-2021-29066 was published May 24, 2022
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. Autoblocks for...
Critical · Unreviewed · CVE-2021-36128 was published May 24, 2022
SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and...
Critical · Unreviewed · CVE-2020-13963 was published May 24, 2022
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the...
Critical · Unreviewed · CVE-2021-21986 was published May 24, 2022
The impacted products, when configured to use SSO, are affected by an improper authentication...
Critical · Unreviewed · CVE-2021-43935 was published Dec 16, 2021
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation...
Critical · Unreviewed · CVE-2021-3325 was published May 24, 2022
NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass.
Critical · Unreviewed · CVE-2021-29065 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.