GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
298 advisories
Filter by severity
A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000,...
Critical
Unreviewed
CVE-2021-41435
was published
Nov 20, 2021
An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55,...
High
Unreviewed
CVE-2021-41436
was published
Nov 20, 2021
ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x...
Critical
Unreviewed
CVE-2019-20082
was published
Dec 29, 2021
Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0...
Moderate
Unreviewed
CVE-2021-46109
was published
Jan 4, 2022
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper...
High
Unreviewed
CVE-2021-44158
was published
Jan 4, 2022
ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate...
Moderate
Unreviewed
CVE-2022-22054
was published
Jan 15, 2022
ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker...
High
Unreviewed
CVE-2022-21933
was published
Jan 22, 2022
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data...
High
Unreviewed
CVE-2021-46247
was published
Feb 18, 2022
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation.
Critical
Unreviewed
CVE-2022-22814
was published
Mar 11, 2022
ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause...
High
Unreviewed
CVE-2021-45757
was published
Mar 24, 2022
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer...
Critical
Unreviewed
CVE-2021-45756
was published
Mar 24, 2022
ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to...
Moderate
Unreviewed
CVE-2022-25595
was published
Apr 8, 2022
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user...
High
Unreviewed
CVE-2022-23972
was published
Apr 8, 2022
ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request...
High
Unreviewed
CVE-2022-25597
was published
Apr 8, 2022
ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient...
High
Unreviewed
CVE-2022-23971
was published
Apr 8, 2022
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow...
High
Unreviewed
CVE-2022-23973
was published
Apr 8, 2022
ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to...
High
Unreviewed
CVE-2022-25596
was published
Apr 8, 2022
ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient...
High
Unreviewed
CVE-2022-23970
was published
Apr 8, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker...
Critical
Unreviewed
CVE-2022-26674
was published
Apr 23, 2022
ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. A...
Moderate
Unreviewed
CVE-2022-26673
was published
Apr 23, 2022
ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote...
High
Unreviewed
CVE-2022-26672
was published
Apr 23, 2022
Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier...
Moderate
Unreviewed
CVE-2005-3490
was published
May 1, 2022
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows...
High
Unreviewed
CVE-2005-3489
was published
May 1, 2022
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka...
High
Unreviewed
CVE-2008-1491
was published
May 1, 2022
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by...
Moderate
Unreviewed
CVE-2009-0656
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API