GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
311 advisories
Filter by severity
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
Critical
Unreviewed
CVE-2022-25251
was published
Mar 17, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an...
Critical
Unreviewed
CVE-2022-25247
was published
Mar 17, 2022
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6...
Critical
Unreviewed
CVE-2021-44259
was published
Mar 18, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for...
Critical
Unreviewed
CVE-2021-33008
was published
Apr 5, 2022
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without...
Critical
Unreviewed
CVE-2021-46009
was published
Apr 1, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical
Unreviewed
CVE-2021-28506
was published
Jan 15, 2022
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not...
Critical
Unreviewed
CVE-2022-28660
was published
May 21, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication...
Critical
Unreviewed
CVE-2020-25218
was published
May 24, 2022
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5...
Critical
Unreviewed
CVE-2020-36239
was published
May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the...
Critical
Unreviewed
CVE-2021-41974
was published
May 24, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Critical
Unreviewed
CVE-2022-30230
was published
Jun 15, 2022
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD)...
Critical
Unreviewed
CVE-2017-4052
was published
May 17, 2022
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,...
Critical
Unreviewed
CVE-2017-10804
was published
May 17, 2022
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The...
Critical
Unreviewed
CVE-2021-44222
was published
Jul 13, 2022
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary...
Critical
Unreviewed
CVE-2016-5053
was published
May 17, 2022
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0...
Critical
Unreviewed
CVE-2016-8355
was published
May 17, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker...
Critical
Unreviewed
CVE-2022-20858
was published
Jul 22, 2022
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of...
Critical
Unreviewed
CVE-2017-5162
was published
May 17, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing...
Critical
Unreviewed
CVE-2022-22526
was published
Sep 29, 2022
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It...
Critical
Unreviewed
CVE-2022-29952
was published
Jul 27, 2022
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An...
Critical
Unreviewed
CVE-2022-42785
was published
Nov 16, 2022
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580,...
Critical
Unreviewed
CVE-2019-6808
was published
May 24, 2022
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO...
Critical
Unreviewed
CVE-2019-8993
was published
May 24, 2022
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ...
Critical
Unreviewed
CVE-2019-12288
was published
May 24, 2022
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4...
Critical
Unreviewed
CVE-2022-42458
was published
Dec 7, 2022
ProTip!
Advisories are also available from the
GraphQL API