GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,642
Composer 4,232
Erlang 31
GitHub Actions 20
Go 1,991
Maven 5,179
npm 3,709
NuGet 661
pip 3,344
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,891

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

302 advisories

Filter by severity

Sort by

Least recently updated

An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT... High Unreviewed

CVE-2022-35401 was published Jan 10, 2023

An information disclosure vulnerability exists in the cm_processREQ_NC opcode of Asus RT-AX82U 3... High Unreviewed

CVE-2022-38105 was published Jan 10, 2023

A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of... High Unreviewed

CVE-2022-38393 was published Jan 10, 2023

The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to... High Unreviewed

CVE-2022-44898 was published Dec 14, 2022

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2022-4221 was published Dec 1, 2022

Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system... High Unreviewed

CVE-2020-23648 was published Oct 19, 2022

AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running... Moderate Unreviewed

CVE-2022-36439 was published Oct 18, 2022

AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading... High Unreviewed

CVE-2022-36438 was published Oct 18, 2022

A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0... High Unreviewed

CVE-2021-40556 was published Oct 6, 2022

An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558... Moderate Unreviewed

CVE-2021-41437 was published Sep 27, 2022

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4.... High Unreviewed

CVE-2022-35899 was published Jul 22, 2022

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin... Critical Unreviewed

CVE-2021-43702 was published Jul 6, 2022

Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list"... Moderate Unreviewed

CVE-2022-32988 was published Jul 2, 2022

ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote... High Unreviewed

CVE-2022-26668 was published Jun 21, 2022

ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general... High Unreviewed

CVE-2022-26669 was published Jun 21, 2022

ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of... Critical Unreviewed

CVE-2022-31874 was published Jun 18, 2022

The specific function in ASUS BMC’s firmware Web management page (Delete video file function)... Moderate Unreviewed

CVE-2021-28209 was published May 24, 2022

The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify... Moderate Unreviewed

CVE-2021-28201 was published May 24, 2022

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information... Moderate Unreviewed

CVE-2021-28188 was published May 24, 2022

The Active Directory configuration function in ASUS BMC’s firmware Web management page does not... Moderate Unreviewed

CVE-2021-28197 was published May 24, 2022

The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the... Moderate Unreviewed

CVE-2021-28178 was published May 24, 2022

The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate)... Moderate Unreviewed

CVE-2021-28187 was published May 24, 2022

The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify... Moderate Unreviewed

CVE-2021-28182 was published May 24, 2022

The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function)... Moderate Unreviewed

CVE-2021-28205 was published May 24, 2022

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the... Moderate Unreviewed

CVE-2021-28195 was published May 24, 2022

Previous 1 2 3 4 5 6 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

302 advisories