Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,089
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,410 advisories

Loading
Lack of an access control check in the External Status Check feature allowed any authenticated... Moderate Unreviewed
CVE-2021-39916 was published Dec 14, 2021
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not... Critical Unreviewed
CVE-2022-23795 was published Mar 31, 2022
In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass.... High Unreviewed
CVE-2021-0649 was published Dec 16, 2021
Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the... Moderate Unreviewed
CVE-2021-45900 was published Apr 1, 2022
Improper cleaning of secure memory between authenticated users can lead to face authentication... High Unreviewed
CVE-2021-1950 was published Apr 2, 2022
A vulnerability classified as critical was found in SourceCodester One Church Management System 1... Critical Unreviewed
CVE-2022-1084 was published Mar 30, 2022
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code... Critical Unreviewed
CVE-2021-44515 was published Dec 13, 2021
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,... High Unreviewed
CVE-2021-40826 was published Dec 16, 2021
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker... Critical Unreviewed
CVE-2019-9564 was published Mar 31, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect... Critical Unreviewed
CVE-2021-32980 was published Apr 5, 2022
Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A... Moderate Unreviewed
CVE-2022-23156 was published Apr 2, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):... High Unreviewed
CVE-2022-23699 was published Apr 5, 2022
All programming connections receive the same unlocked privileges, which can result in a privilege... Critical Unreviewed
CVE-2021-32984 was published Apr 5, 2022
Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11... Moderate Unreviewed
CVE-2022-1148 was published Apr 5, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2022-25915 was published Apr 1, 2022
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,... High Unreviewed
CVE-2021-43483 was published Apr 9, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6... High Unreviewed
CVE-2021-45505 was published Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass. High Unreviewed
CVE-2021-45510 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45508 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6... High Unreviewed
CVE-2021-45506 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3... High Unreviewed
CVE-2021-45499 was published Dec 27, 2021
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1... Moderate Unreviewed
CVE-2022-27839 was published Apr 12, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3... High Unreviewed
CVE-2021-45500 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45496 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08... Critical Unreviewed
CVE-2021-45511 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API