Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

301 advisories

Loading
The CD media configuration function in ASUS BMC’s firmware Web management page does not verify... Moderate Unreviewed
CVE-2021-28200 was published May 24, 2022
ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of... Low Unreviewed
CVE-2021-37910 was published May 24, 2022
ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow... Moderate Unreviewed
CVE-2021-42055 was published May 24, 2022
ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a... High Unreviewed
CVE-2021-40981 was published May 24, 2022
A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352... Moderate Unreviewed
CVE-2021-34174 was published May 24, 2022
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows... Critical Unreviewed
CVE-2021-32030 was published May 24, 2022
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386... High Unreviewed
CVE-2021-3128 was published May 24, 2022
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to... Moderate Unreviewed
CVE-2021-28686 was published May 24, 2022
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to... High Unreviewed
CVE-2021-28685 was published May 24, 2022
The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to... High Unreviewed
CVE-2021-26943 was published May 24, 2022
Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier... High Unreviewed
CVE-2021-3229 was published May 24, 2022
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the... Critical Unreviewed
CVE-2020-36109 was published May 24, 2022
An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary... High Unreviewed
CVE-2021-3166 was published May 24, 2022
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by... Critical Unreviewed
CVE-2020-35219 was published May 24, 2022
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via... Moderate Unreviewed
CVE-2020-15499 was published May 24, 2022
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. The router accepts... Moderate Unreviewed
CVE-2020-15498 was published May 24, 2022
AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe in ScreenPad2_Upgrade_Tool... Moderate Unreviewed
CVE-2020-15009 was published May 24, 2022
Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044,... High Unreviewed
CVE-2019-17603 was published May 24, 2022
DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could... High Unreviewed
CVE-2020-10649 was published May 24, 2022
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS... Moderate Unreviewed
CVE-2018-8878 was published May 24, 2022
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS... Moderate Unreviewed
CVE-2018-8877 was published May 24, 2022
ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental... Moderate Unreviewed
CVE-2020-7997 was published May 24, 2022
An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using... High Unreviewed
CVE-2019-15911 was published May 24, 2022
An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using... Moderate Unreviewed
CVE-2019-15910 was published May 24, 2022
An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using... Moderate Unreviewed
CVE-2019-15912 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API