GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
307 advisories
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with...
High | Unreviewed | CVE-2022-42276 was published Jan 13, 2023

An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private...
High | Unreviewed | CVE-2022-46463 was published Jan 13, 2023

The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any...
High | Unreviewed | CVE-2022-24396 was published Mar 11, 2022

atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune...
High | Unreviewed | CVE-2021-33658 was published Mar 12, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
High | Unreviewed | CVE-2022-25250 was published Mar 17, 2022

A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6...
High | Unreviewed | CVE-2021-44260 was published Mar 18, 2022

A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which...
High | Unreviewed | CVE-2021-44262 was published Mar 18, 2022

totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an...
High | Unreviewed | CVE-2022-25008 was published Apr 1, 2022

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing...
High | Unreviewed | CVE-2020-27376 was published Apr 8, 2022

The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior...
High | Unreviewed | CVE-2021-25094 was published Apr 26, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.
High | Unreviewed | CVE-2020-15336 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High | Unreviewed | CVE-2019-5163 was published May 24, 2022

An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality...
High | Unreviewed | CVE-2022-26043 was published May 26, 2022

An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles...
High | Unreviewed | CVE-2022-26067 was published May 26, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.
High | Unreviewed | CVE-2020-15335 was published May 24, 2022

AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can...
High | Unreviewed | CVE-2020-21996 was published May 24, 2022

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of...
High | Unreviewed | CVE-2022-26026 was published May 26, 2022

TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console....
High | Unreviewed | CVE-2022-29402 was published May 26, 2022

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ...
High | Unreviewed | CVE-2020-15799 was published May 24, 2022

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer...
High | Unreviewed | CVE-2020-7389 was published May 24, 2022

In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High | Unreviewed | CVE-2021-20990 was published May 24, 2022

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access...
High | Unreviewed | CVE-2020-15078 was published May 24, 2022

The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access...
High | Unreviewed | CVE-2020-17517 was published May 24, 2022

Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of...
High | Unreviewed | CVE-2022-32157 was published Jun 16, 2022

Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat...
High | Unreviewed | CVE-2017-4055 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.