Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

322 advisories

Loading
On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. High Unreviewed
CVE-2019-6451 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a... High Unreviewed
CVE-2019-6820 was published May 24, 2022
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3... High Unreviewed
CVE-2019-9727 was published May 24, 2022
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated... High Unreviewed
CVE-2019-7404 was published May 24, 2022
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password... High Unreviewed
CVE-2021-30028 was published May 21, 2022
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote... High Unreviewed
CVE-2014-4872 was published May 17, 2022
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware... High Unreviewed
CVE-2016-7830 was published May 17, 2022
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to... High Unreviewed
CVE-2015-9030 was published May 17, 2022
Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat... High Unreviewed
CVE-2017-4055 was published May 17, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a... High Unreviewed
CVE-2017-1483 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8156 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8155 was published May 17, 2022
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for... High Unreviewed
CVE-2018-2360 was published May 14, 2022
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication... High Unreviewed
CVE-2018-0521 was published May 14, 2022
Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and... High Unreviewed
CVE-2017-10854 was published May 14, 2022
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm"... High Unreviewed
CVE-2014-7271 was published May 14, 2022
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute... High Unreviewed
CVE-2018-0554 was published May 14, 2022
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an... High Unreviewed
CVE-2018-11476 was published May 14, 2022
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... High Unreviewed
CVE-2017-0919 was published May 14, 2022
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire... High Unreviewed
CVE-2018-5486 was published May 13, 2022
A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4... High Unreviewed
CVE-2018-4838 was published May 13, 2022
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's... High Unreviewed
CVE-2018-18264 was published May 13, 2022
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating... High Unreviewed
CVE-2017-3819 was published May 13, 2022
Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with... High Unreviewed
CVE-2017-17746 was published May 13, 2022
Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611... High Unreviewed
CVE-2017-16241 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database