GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
301 advisories
Filter by severity
The CD media configuration function in ASUS BMC’s firmware Web management page does not verify...
Moderate
Unreviewed
CVE-2021-28200
was published
May 24, 2022
ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of...
Low
Unreviewed
CVE-2021-37910
was published
May 24, 2022
ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow...
Moderate
Unreviewed
CVE-2021-42055
was published
May 24, 2022
ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a...
High
Unreviewed
CVE-2021-40981
was published
May 24, 2022
A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352...
Moderate
Unreviewed
CVE-2021-34174
was published
May 24, 2022
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows...
Critical
Unreviewed
CVE-2021-32030
was published
May 24, 2022
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386...
High
Unreviewed
CVE-2021-3128
was published
May 24, 2022
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to...
Moderate
Unreviewed
CVE-2021-28686
was published
May 24, 2022
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to...
High
Unreviewed
CVE-2021-28685
was published
May 24, 2022
The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to...
High
Unreviewed
CVE-2021-26943
was published
May 24, 2022
Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier...
High
Unreviewed
CVE-2021-3229
was published
May 24, 2022
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the...
Critical
Unreviewed
CVE-2020-36109
was published
May 24, 2022
An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary...
High
Unreviewed
CVE-2021-3166
was published
May 24, 2022
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by...
Critical
Unreviewed
CVE-2020-35219
was published
May 24, 2022
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via...
Moderate
Unreviewed
CVE-2020-15499
was published
May 24, 2022
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. The router accepts...
Moderate
Unreviewed
CVE-2020-15498
was published
May 24, 2022
AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe in ScreenPad2_Upgrade_Tool...
Moderate
Unreviewed
CVE-2020-15009
was published
May 24, 2022
Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044,...
High
Unreviewed
CVE-2019-17603
was published
May 24, 2022
DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could...
High
Unreviewed
CVE-2020-10649
was published
May 24, 2022
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS...
Moderate
Unreviewed
CVE-2018-8878
was published
May 24, 2022
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS...
Moderate
Unreviewed
CVE-2018-8877
was published
May 24, 2022
ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental...
Moderate
Unreviewed
CVE-2020-7997
was published
May 24, 2022
An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using...
High
Unreviewed
CVE-2019-15911
was published
May 24, 2022
An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using...
Moderate
Unreviewed
CVE-2019-15910
was published
May 24, 2022
An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using...
Moderate
Unreviewed
CVE-2019-15912
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API