GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
146 advisories
Filter by severity
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information...
High
Unreviewed
CVE-2021-28204
was published
May 24, 2022
ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote...
High
Unreviewed
CVE-2022-26668
was published
Jun 21, 2022
ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general...
High
Unreviewed
CVE-2022-26669
was published
Jun 21, 2022
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4....
High
Unreviewed
CVE-2022-35899
was published
Jul 22, 2022
A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0...
High
Unreviewed
CVE-2021-40556
was published
Oct 6, 2022
AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading...
High
Unreviewed
CVE-2022-36438
was published
Oct 18, 2022
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system...
High
Unreviewed
CVE-2020-23648
was published
Oct 19, 2022
The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to...
High
Unreviewed
CVE-2022-44898
was published
Dec 14, 2022
A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of...
High
Unreviewed
CVE-2022-38393
was published
Jan 10, 2023
An information disclosure vulnerability exists in the cm_processREQ_NC opcode of Asus RT-AX82U 3...
High
Unreviewed
CVE-2022-38105
was published
Jan 10, 2023
An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT...
High
Unreviewed
CVE-2022-35401
was published
Jan 10, 2023
SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4...
High
Unreviewed
CVE-2021-37316
was published
Feb 3, 2023
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb,...
High
Unreviewed
CVE-2022-42455
was published
Feb 15, 2023
ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote...
High
Unreviewed
CVE-2023-28702
was published
Jun 2, 2023
** UNSUPPORTED WHEN ASSIGNED ** Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack...
High
Unreviewed
CVE-2023-34942
was published
Jun 12, 2023
** UNSUPPORTED WHEN ASSIGNED ** Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack...
High
Unreviewed
CVE-2023-34940
was published
Jun 12, 2023
ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to...
High
Unreviewed
CVE-2023-28703
was published
Jul 6, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This...
High
Unreviewed
CVE-2023-35086
was published
Jul 21, 2023
ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path...
High
Unreviewed
CVE-2023-26911
was published
Jul 26, 2023
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send...
High
Unreviewed
CVE-2023-34359
was published
Jul 31, 2023
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send...
High
Unreviewed
CVE-2023-34358
was published
Jul 31, 2023
ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.
High
Unreviewed
CVE-2023-39086
was published
Aug 8, 2023
ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special...
High
Unreviewed
CVE-2023-38031
was published
Sep 7, 2023
ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special...
High
Unreviewed
CVE-2023-38032
was published
Sep 7, 2023
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special...
High
Unreviewed
CVE-2023-39237
was published
Sep 7, 2023
ProTip!
Advisories are also available from the
GraphQL API