GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,544 advisories
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated,...
High | Unreviewed | CVE-2021-1601 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0...
High | Unreviewed | CVE-2021-27173 was published May 24, 2022

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of...
High | Unreviewed | CVE-2020-7591 was published May 24, 2022

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain highly sensitive...
High | Unreviewed | CVE-2021-29747 was published May 24, 2022

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing...
High | Unreviewed | CVE-2021-26253 was published May 7, 2022

Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an...
High | Unreviewed | CVE-2021-35941 was published May 24, 2022

In ActivityTaskManagerService.startActivity() and AppTaskImpl.startActivity() of...
High | Unreviewed | CVE-2021-0571 was published May 24, 2022

XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action
High | CVE-2022-36092 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Sep 16, 2022

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324...
High | Unreviewed | CVE-2021-21125 was published May 24, 2022

An authentication issue was addressed with improved state management. This issue is fixed in...
High | Unreviewed | CVE-2020-29633 was published May 24, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a...
High | Unreviewed | CVE-2021-21127 was published May 24, 2022

An authentication bypass vulnerability exists in the process_msg() function of the home_security...
High | Unreviewed | CVE-2021-21953 was published Dec 23, 2021

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD...
High | Unreviewed | CVE-2017-2872 was published May 13, 2022

A denial of service vulnerability exists in the SeaMax remote configuration functionality of...
High | Unreviewed | CVE-2021-21965 was published Feb 10, 2022

An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney...
High | Unreviewed | CVE-2017-2914 was published May 13, 2022

Improper Authentication in Spring Security
High | CVE-2014-0097 was published for org.springframework.security:spring-security-core (Maven) May 13, 2022

Improper Authentication in Mortbay Jetty
High | CVE-2007-5614 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD...
High | Unreviewed | CVE-2017-2871 was published May 13, 2022

ECP SAML binding bypasses authentication flows
High | CVE-2021-3827 was published for org.keycloak:keycloak-saml-core (Maven) Apr 27, 2022

Real-time image information exposure is caused by insufficient authentication for activated RTSP...
High | Unreviewed | CVE-2021-26627 was published Apr 20, 2022

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication...
High | Unreviewed | CVE-2021-45735 was published Feb 5, 2022

A vulnerability within the authentication process of Abacus ERP allows a remote attacker to...
High | Unreviewed | CVE-2022-1065 was published Apr 20, 2022

The device authentication service module has a defect vulnerability introduced in the design...
High | Unreviewed | CVE-2021-46740 was published Apr 12, 2022

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45502 was published Dec 27, 2021

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High | Unreviewed | CVE-2021-45503 was published Dec 27, 2021