Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

814 advisories

Loading
Sensitive information can be obtained through the handling of serialized data. The issue results... Moderate Unreviewed
CVE-2020-14479 was published Apr 3, 2022
The software does not perform any authentication for critical system functionality. Moderate Unreviewed
CVE-2022-0922 was published Apr 3, 2022
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not... Moderate Unreviewed
CVE-2021-46006 was published Apr 1, 2022
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without... Critical Unreviewed
CVE-2021-46009 was published Apr 1, 2022
totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an... High Unreviewed
CVE-2022-25008 was published Apr 1, 2022
Missing Authentication for Critical Function in Foreman Ansible High
CVE-2021-3589 was published for foreman_ansible (RubyGems) Mar 24, 2022
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13,... Moderate Unreviewed
CVE-2021-44261 was published Mar 18, 2022
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... High Unreviewed
CVE-2021-44260 was published Mar 18, 2022
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which... High Unreviewed
CVE-2021-44262 was published Mar 18, 2022
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... Critical Unreviewed
CVE-2021-44259 was published Mar 18, 2022
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed
CVE-2022-26501 was published Mar 18, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an... Critical Unreviewed
CVE-2022-25247 was published Mar 17, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Critical Unreviewed
CVE-2022-25251 was published Mar 17, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed
CVE-2022-25250 was published Mar 17, 2022
Improper Authentication in FreeTAKServer High
CVE-2022-25508 was published for FreeTAKServer (pip) Mar 12, 2022
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune... High Unreviewed
CVE-2021-33658 was published Mar 12, 2022
The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any... High Unreviewed
CVE-2022-24396 was published Mar 11, 2022
Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic... Critical Unreviewed
CVE-2022-25922 was published Mar 11, 2022
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands... Critical Unreviewed
CVE-2020-10640 was published Feb 25, 2022
Denial of service in Grafana Moderate
CVE-2021-27358 was published for github.com/grafana/grafana (Go) Feb 15, 2022
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, may arbitrarily... Moderate Unreviewed
CVE-2022-0188 was published Feb 15, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2021-22823 was published Feb 12, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2021-22805 was published Feb 12, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow... Moderate Unreviewed
CVE-2022-22809 was published Feb 11, 2022
In Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, portfolios created in groups that have... Moderate Unreviewed
CVE-2022-24111 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API