Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

793 advisories

Loading
Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05... Critical Unreviewed
CVE-2021-44971 was published Jan 29, 2022
An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink... Critical Unreviewed
CVE-2021-40404 was published Jan 29, 2022
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication... Critical Unreviewed
CVE-2022-23855 was published Jan 25, 2022
TeslaMate before 1.25.1 (when using the default Docker configuration) allows attackers to open... Critical Unreviewed
CVE-2022-23126 was published Jan 25, 2022
Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an... Critical Unreviewed
CVE-2021-43394 was published Jan 25, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security... Critical Unreviewed
CVE-2020-4879 was published Jan 22, 2022
The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed
CVE-2021-23196 was published Jan 22, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to... Critical Unreviewed
CVE-2021-43355 was published Jan 22, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9... Critical Unreviewed
CVE-2021-44757 was published Jan 19, 2022
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable... Critical Unreviewed
CVE-2021-22566 was published Jan 19, 2022
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web... Critical Unreviewed
CVE-2022-23178 was published Jan 16, 2022
Some Dahua products have access control vulnerability in the password reset process. Attackers... Critical Unreviewed
CVE-2021-33046 was published Jan 14, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2021-34993 was published Jan 14, 2022
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows... Critical Unreviewed
CVE-2021-45389 was published Jan 5, 2022
The server-request receiver function of Shockwall system has an improper authentication... Critical Unreviewed
CVE-2021-45917 was published Jan 4, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is... Critical Unreviewed
CVE-2021-20158 was published Dec 31, 2021
basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive... Critical Unreviewed
CVE-2021-45890 was published Dec 28, 2021
NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45495 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45496 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45497 was published Dec 27, 2021
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45498 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0... Critical Unreviewed
CVE-2021-45501 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45504 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45507 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45509 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database