GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,089
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,410 advisories
Filter by severity
Lack of an access control check in the External Status Check feature allowed any authenticated...
Moderate
Unreviewed
CVE-2021-39916
was published
Dec 14, 2021
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not...
Critical
Unreviewed
CVE-2022-23795
was published
Mar 31, 2022
In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass....
High
Unreviewed
CVE-2021-0649
was published
Dec 16, 2021
Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the...
Moderate
Unreviewed
CVE-2021-45900
was published
Apr 1, 2022
Improper cleaning of secure memory between authenticated users can lead to face authentication...
High
Unreviewed
CVE-2021-1950
was published
Apr 2, 2022
A vulnerability classified as critical was found in SourceCodester One Church Management System 1...
Critical
Unreviewed
CVE-2022-1084
was published
Mar 30, 2022
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code...
Critical
Unreviewed
CVE-2021-44515
was published
Dec 13, 2021
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,...
High
Unreviewed
CVE-2021-40826
was published
Dec 16, 2021
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker...
Critical
Unreviewed
CVE-2019-9564
was published
Mar 31, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect...
Critical
Unreviewed
CVE-2021-32980
was published
Apr 5, 2022
Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A...
Moderate
Unreviewed
CVE-2022-23156
was published
Apr 2, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):...
High
Unreviewed
CVE-2022-23699
was published
Apr 5, 2022
All programming connections receive the same unlocked privileges, which can result in a privilege...
Critical
Unreviewed
CVE-2021-32984
was published
Apr 5, 2022
Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11...
Moderate
Unreviewed
CVE-2022-1148
was published
Apr 5, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and...
High
Unreviewed
CVE-2022-25915
was published
Apr 1, 2022
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,...
High
Unreviewed
CVE-2021-43483
was published
Apr 9, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High
Unreviewed
CVE-2021-45505
was published
Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.
High
Unreviewed
CVE-2021-45510
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24...
Critical
Unreviewed
CVE-2021-45508
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6...
High
Unreviewed
CVE-2021-45506
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3...
High
Unreviewed
CVE-2021-45499
was published
Dec 27, 2021
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1...
Moderate
Unreviewed
CVE-2022-27839
was published
Apr 12, 2022
Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3...
High
Unreviewed
CVE-2021-45500
was published
Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
Critical
Unreviewed
CVE-2021-45496
was published
Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08...
Critical
Unreviewed
CVE-2021-45511
was published
Dec 27, 2021
ProTip!
Advisories are also available from the
GraphQL API