Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

99 advisories

Loading
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the... Moderate Unreviewed
CVE-2021-28195 was published May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function)... Moderate Unreviewed
CVE-2021-28205 was published May 24, 2022
The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify... Moderate Unreviewed
CVE-2021-28182 was published May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate)... Moderate Unreviewed
CVE-2021-28187 was published May 24, 2022
The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the... Moderate Unreviewed
CVE-2021-28178 was published May 24, 2022
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not... Moderate Unreviewed
CVE-2021-28197 was published May 24, 2022
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify... Moderate Unreviewed
CVE-2021-28201 was published May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information... Moderate Unreviewed
CVE-2021-28188 was published May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Delete video file function)... Moderate Unreviewed
CVE-2021-28209 was published May 24, 2022
Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list"... Moderate Unreviewed
CVE-2022-32988 was published Jul 2, 2022
An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558... Moderate Unreviewed
CVE-2021-41437 was published Sep 27, 2022
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running... Moderate Unreviewed
CVE-2022-36439 was published Oct 18, 2022
A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set... Moderate Unreviewed
CVE-2023-1079 was published Mar 27, 2023
A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the... Moderate Unreviewed
CVE-2023-29772 was published May 2, 2023
** UNSUPPORTED WHEN ASSIGNED ** A stored cross-site scripting (XSS) vulnerability in the... Moderate Unreviewed
CVE-2023-34941 was published Jun 12, 2023
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without... Moderate Unreviewed
CVE-2023-31195 was published Jun 13, 2023
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons... Moderate Unreviewed
CVE-2023-34360 was published Jul 31, 2023
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject... Moderate Unreviewed
CVE-2024-28328 was published Apr 26, 2024
Incorrect Access Control in Asus RT-N12+ B1 routers allows local attackers to obtain root... Moderate Unreviewed
CVE-2024-28326 was published Apr 26, 2024
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to... Moderate Unreviewed
CVE-2024-28325 was published Apr 26, 2024
An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4... Moderate Unreviewed
CVE-2023-31889 was published Apr 29, 2024
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-35720 was published May 3, 2024
The parameter used in the certain page of ASUS Download Master is not properly filtered for user... Moderate Unreviewed
CVE-2024-31159 was published Jun 14, 2024
The parameter used in the certain page of ASUS Download Master is not properly filtered for user... Moderate Unreviewed
CVE-2024-31160 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API