GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,765
Maven
4,990
npm
3,536
NuGet
616
pip
3,105
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
296 advisories
Filter by severity
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running...
Moderate
Unreviewed
CVE-2022-36439
was published
Oct 18, 2022
AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading...
High
Unreviewed
CVE-2022-36438
was published
Oct 18, 2022
A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0...
High
Unreviewed
CVE-2021-40556
was published
Oct 6, 2022
An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558...
Moderate
Unreviewed
CVE-2021-41437
was published
Sep 27, 2022
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4....
High
Unreviewed
CVE-2022-35899
was published
Jul 22, 2022
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin...
Critical
Unreviewed
CVE-2021-43702
was published
Jul 6, 2022
Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list"...
Moderate
Unreviewed
CVE-2022-32988
was published
Jul 2, 2022
ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general...
High
Unreviewed
CVE-2022-26669
was published
Jun 21, 2022
ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote...
High
Unreviewed
CVE-2022-26668
was published
Jun 21, 2022
ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of...
Critical
Unreviewed
CVE-2022-31874
was published
Jun 18, 2022
The specific function in ASUS BMC’s firmware Web management page (Delete video file function)...
Moderate
Unreviewed
CVE-2021-28209
was published
May 24, 2022
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify...
Moderate
Unreviewed
CVE-2021-28201
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information...
Moderate
Unreviewed
CVE-2021-28188
was published
May 24, 2022
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not...
Moderate
Unreviewed
CVE-2021-28197
was published
May 24, 2022
The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the...
Moderate
Unreviewed
CVE-2021-28178
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate)...
Moderate
Unreviewed
CVE-2021-28187
was published
May 24, 2022
The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify...
Moderate
Unreviewed
CVE-2021-28182
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function)...
Moderate
Unreviewed
CVE-2021-28205
was published
May 24, 2022
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the...
Moderate
Unreviewed
CVE-2021-28195
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate...
Moderate
Unreviewed
CVE-2021-28196
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Get video file function) does...
Moderate
Unreviewed
CVE-2021-28208
was published
May 24, 2022
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the...
Moderate
Unreviewed
CVE-2021-28175
was published
May 24, 2022
The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the...
Moderate
Unreviewed
CVE-2021-28176
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Remote video storage function)...
Moderate
Unreviewed
CVE-2021-28192
was published
May 24, 2022
The specific function in ASUS BMC’s firmware Web management page (Record video file function)...
Moderate
Unreviewed
CVE-2021-28206
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API