GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
230 advisories
Filter by severity
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13,...
Moderate
Unreviewed
CVE-2021-44261
was published
Mar 18, 2022
In setPackageStoppedState of PackageManagerService.java, there is a missing permission check....
Moderate
Unreviewed
CVE-2021-1011
was published
Dec 16, 2021
Sensitive information can be obtained through the handling of serialized data. The issue results...
Moderate
Unreviewed
CVE-2020-14479
was published
Apr 3, 2022
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not...
Moderate
Unreviewed
CVE-2021-46006
was published
Apr 1, 2022
The software does not perform any authentication for critical system functionality.
Moderate
Unreviewed
CVE-2022-0922
was published
Apr 3, 2022
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging....
Moderate
Unreviewed
CVE-2022-0878
was published
Apr 13, 2022
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials....
Moderate
Unreviewed
CVE-2020-25634
was published
May 24, 2022
The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This...
Moderate
Unreviewed
CVE-2022-26394
was published
Sep 10, 2022
Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key...
Moderate
Unreviewed
CVE-2020-11946
was published
May 24, 2022
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php ...
Moderate
Unreviewed
CVE-2020-11579
was published
May 24, 2022
An exploitable improper access control vulnerability exists in the bluetooth low energy...
Moderate
Unreviewed
CVE-2019-5014
was published
May 24, 2022
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY...
Moderate
Unreviewed
CVE-2022-22309
was published
May 25, 2022
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4...
Moderate
Unreviewed
CVE-2021-24219
was published
May 24, 2022
HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR...
Moderate
Unreviewed
CVE-2021-27668
was published
May 24, 2022
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and...
Moderate
Unreviewed
CVE-2022-20830
was published
Oct 11, 2022
The vulnerability allows a remote unauthenticated attacker to download a backup file, if one...
Moderate
Unreviewed
CVE-2022-3738
was published
Jan 19, 2023
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS...
Moderate
Unreviewed
CVE-2021-36200
was published
Jul 23, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14...
Moderate
Unreviewed
CVE-2020-7479
was published
May 24, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
Moderate
Unreviewed
CVE-2022-29881
was published
May 21, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
Moderate
Unreviewed
CVE-2022-29879
was published
May 21, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
Moderate
Unreviewed
CVE-2022-29877
was published
May 21, 2022
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has...
Moderate
Unreviewed
CVE-2019-8292
was published
May 24, 2022
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the...
Moderate
Unreviewed
CVE-2019-5451
was published
May 24, 2022
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where...
Moderate
Unreviewed
CVE-2022-3188
was published
Dec 22, 2022
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can...
Moderate
Unreviewed
CVE-2019-17353
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API