Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,263
Erlang
31
GitHub Actions
21
Go
2,033
Maven
5,000+
npm
3,732
NuGet
662
pip
3,411
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

311 advisories

Loading
The server permits communication without any authentication procedure, allowing the attacker to... Critical Unreviewed
CVE-2021-38457 was published May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed
CVE-2021-41974 was published May 24, 2022
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the... Critical Unreviewed
CVE-2021-38412 was published May 24, 2022
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to ... Critical Unreviewed
CVE-2021-28913 was published May 24, 2022
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that... Critical Unreviewed
CVE-2021-37415 was published May 24, 2022
In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring... Critical Unreviewed
CVE-2020-25563 was published May 24, 2022
The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user... Critical Unreviewed
CVE-2021-37843 was published May 24, 2022
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5... Critical Unreviewed
CVE-2020-36239 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 (... Critical Unreviewed
CVE-2021-22772 was published May 24, 2022
An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or... Critical Unreviewed
CVE-2021-36124 was published May 24, 2022
A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth... Critical Unreviewed
CVE-2021-34621 was published May 24, 2022
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are... Critical Unreviewed
CVE-2021-33221 was published May 24, 2022
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does... Critical Unreviewed
CVE-2021-31337 was published May 24, 2022
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated... Critical Unreviewed
CVE-2021-23847 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. Critical Unreviewed
CVE-2021-30190 was published May 24, 2022
In multiple managed switches by WAGO in different versions without authorization and with... Critical Unreviewed
CVE-2021-20998 was published May 24, 2022
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database,... Critical Unreviewed
CVE-2020-36333 was published May 24, 2022
Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier... Critical Unreviewed
CVE-2021-20697 was published May 24, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication... Critical Unreviewed
CVE-2020-25218 was published May 24, 2022
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,... Critical Unreviewed
CVE-2020-28899 was published May 24, 2022
An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive... Critical Unreviewed
CVE-2021-26705 was published May 24, 2022
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,... Critical Unreviewed
CVE-2021-1393 was published May 24, 2022
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing... Critical Unreviewed
CVE-2021-22652 was published May 24, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All... Critical Unreviewed
CVE-2020-15798 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for... Critical Unreviewed
CVE-2020-4958 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database