GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
101 advisories
Filter by severity
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the...
Moderate
Unreviewed
CVE-2021-28195
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function)...
Moderate
Unreviewed
CVE-2021-28205
was published
May 24, 2022
The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify...
Moderate
Unreviewed
CVE-2021-28182
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate)...
Moderate
Unreviewed
CVE-2021-28187
was published
May 24, 2022
The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the...
Moderate
Unreviewed
CVE-2021-28178
was published
May 24, 2022
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not...
Moderate
Unreviewed
CVE-2021-28197
was published
May 24, 2022
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify...
Moderate
Unreviewed
CVE-2021-28201
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information...
Moderate
Unreviewed
CVE-2021-28188
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Delete video file function)...
Moderate
Unreviewed
CVE-2021-28209
was published
May 24, 2022
Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list"...
Moderate
Unreviewed
CVE-2022-32988
was published
Jul 2, 2022
An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558...
Moderate
Unreviewed
CVE-2021-41437
was published
Sep 27, 2022
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running...
Moderate
Unreviewed
CVE-2022-36439
was published
Oct 18, 2022
A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set...
Moderate
Unreviewed
CVE-2023-1079
was published
Mar 27, 2023
A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the...
Moderate
Unreviewed
CVE-2023-29772
was published
May 2, 2023
** UNSUPPORTED WHEN ASSIGNED ** A stored cross-site scripting (XSS) vulnerability in the...
Moderate
Unreviewed
CVE-2023-34941
was published
Jun 12, 2023
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without...
Moderate
Unreviewed
CVE-2023-31195
was published
Jun 13, 2023
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons...
Moderate
Unreviewed
CVE-2023-34360
was published
Jul 31, 2023
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject...
Moderate
Unreviewed
CVE-2024-28328
was published
Apr 26, 2024
Incorrect Access Control in Asus RT-N12+ B1 routers allows local attackers to obtain root...
Moderate
Unreviewed
CVE-2024-28326
was published
Apr 26, 2024
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to...
Moderate
Unreviewed
CVE-2024-28325
was published
Apr 26, 2024
An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4...
Moderate
Unreviewed
CVE-2023-31889
was published
Apr 29, 2024
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2023-35720
was published
May 3, 2024
The parameter used in the certain page of ASUS Download Master is not properly filtered for user...
Moderate
Unreviewed
CVE-2024-31159
was published
Jun 14, 2024
The parameter used in the certain page of ASUS Download Master is not properly filtered for user...
Moderate
Unreviewed
CVE-2024-31160
was published
Jun 14, 2024
In the Linux kernel, the following vulnerability has been resolved:
ionic: fix kernel panic in...
Moderate
Unreviewed
CVE-2024-40907
was published
Jul 12, 2024
ProTip!
Advisories are also available from the
GraphQL API