GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,362
Composer 5,942
Erlang 70
GitHub Actions 52
Go 3,967
Maven 6,619
npm 6,387
NuGet 973
pip 5,262
Pub 13
RubyGems 1,064
Rust 1,387
Swift 56

Unreviewed advisories

All unreviewed 306,487

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

701 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for... High Unreviewed

CVE-2021-20474 was published May 24, 2022

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer... High Unreviewed

CVE-2020-7389 was published May 24, 2022

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to... High Unreviewed

CVE-2021-33882 was published May 24, 2022

On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations... High Unreviewed

CVE-2021-3825 was published May 24, 2022

Information disclosure: The main configuration, including users and their hashed passwords, is... High Unreviewed

CVE-2021-23858 was published May 24, 2022

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the... High Unreviewed

CVE-2021-41975 was published May 24, 2022

An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to... High Unreviewed

CVE-2021-35979 was published May 24, 2022

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions),... High Unreviewed

CVE-2021-27395 was published May 24, 2022

The affected product is vulnerable to a missing permission validation on system backup restore,... High Unreviewed

CVE-2021-42539 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated... High Unreviewed

CVE-2021-33543 was published May 24, 2022

An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality... High Unreviewed

CVE-2022-27169 was published May 26, 2022

An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of... High Unreviewed

CVE-2022-26303 was published May 26, 2022

An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality... High Unreviewed

CVE-2022-26043 was published May 26, 2022

An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles... High Unreviewed

CVE-2022-26067 was published May 26, 2022

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of... High Unreviewed

CVE-2022-26026 was published May 26, 2022

TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console.... High Unreviewed

CVE-2022-29402 was published May 26, 2022

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which... High Unreviewed

CVE-2022-22576 was published May 27, 2022

Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of... High Unreviewed

CVE-2022-32157 was published Jun 16, 2022

An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1,... High Unreviewed

CVE-2022-21952 was published Jun 23, 2022

Due to missing authentication check, SAP Business one License service API - version 10.0 allows... High Unreviewed

CVE-2022-28771 was published Jul 13, 2022

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ... High Unreviewed

CVE-2022-33138 was published Jul 13, 2022

Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization. High

CVE-2021-34538 was published for org.apache.hive:hive (Maven) Jul 17, 2022

An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read... High Unreviewed

CVE-2022-28809 was published Jul 18, 2022

The affected product is vulnerable due to missing authentication, which may allow an attacker to... High Unreviewed

CVE-2022-2138 was published Jul 23, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed

CVE-2022-35871 was published Jul 26, 2022

Previous 1…7…29 Next

Previous 1 2 … 5 6 7 8 9 … 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

701 advisories