Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,968 advisories

Loading
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An... Critical Unreviewed
CVE-2023-28461 was published Mar 16, 2023
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code... Critical Unreviewed
CVE-2021-44515 was published Dec 13, 2021
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from... High Unreviewed
CVE-2021-38648 was published May 24, 2022
Open Management Infrastructure Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-38647 was published May 24, 2022
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API... Critical Unreviewed
CVE-2021-40539 was published May 24, 2022
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed
CVE-2024-11680 was published Nov 26, 2024
Windows Task Scheduler Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49039 was published Nov 12, 2024
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows... Critical Unreviewed
CVE-2021-32030 was published May 24, 2022
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2021-22893 was published May 24, 2022
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication... Critical Unreviewed
CVE-2021-27877 was published May 24, 2022
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote... Critical Unreviewed
CVE-2020-10148 was published May 24, 2022
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS... High Unreviewed
CVE-2022-48618 was published Jan 9, 2024
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8196 was published May 24, 2022
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and... High Unreviewed
CVE-2020-12812 was published May 24, 2022
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not... High Unreviewed
CVE-2020-6287 was published May 24, 2022
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8193 was published May 24, 2022
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
Unraid 6.8.0 allows authentication bypass. High Unreviewed
CVE-2020-5849 was published May 24, 2022
Unraid through 6.8.0 allows Remote Code Execution. High Unreviewed
CVE-2020-5847 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Exchange software when the software... High Unreviewed
CVE-2020-0688 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows improperly handles authentication... High Unreviewed
CVE-2019-0543 was published May 13, 2022
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version... Critical Unreviewed
CVE-2022-40684 was published Oct 18, 2022
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP... Critical Unreviewed
CVE-2022-37042 was published Aug 13, 2022
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker... Critical Unreviewed
CVE-2022-1040 was published Mar 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database