GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
39 advisories
Filter by severity
A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000,...
Critical
Unreviewed
CVE-2021-41435
was published
Nov 20, 2021
ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x...
Critical
Unreviewed
CVE-2019-20082
was published
Dec 29, 2021
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation.
Critical
Unreviewed
CVE-2022-22814
was published
Mar 11, 2022
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer...
Critical
Unreviewed
CVE-2021-45756
was published
Mar 24, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker...
Critical
Unreviewed
CVE-2022-26674
was published
Apr 23, 2022
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900...
Critical
Unreviewed
CVE-2018-9285
was published
May 13, 2022
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware...
Critical
Unreviewed
CVE-2016-6558
was published
May 13, 2022
ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1...
Critical
Unreviewed
CVE-2017-14698
was published
May 13, 2022
ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote...
Critical
Unreviewed
CVE-2018-11491
was published
May 14, 2022
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware...
Critical
Unreviewed
CVE-2018-8826
was published
May 14, 2022
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0...
Critical
Unreviewed
CVE-2017-15655
was published
May 14, 2022
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS...
Critical
Unreviewed
CVE-2017-11420
was published
May 17, 2022
Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U,...
Critical
Unreviewed
CVE-2017-6548
was published
May 17, 2022
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long...
Critical
Unreviewed
CVE-2013-4659
was published
May 17, 2022
System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows...
Critical
Unreviewed
CVE-2018-14714
was published
May 24, 2022
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation.
Critical
Unreviewed
CVE-2017-17944
was published
May 24, 2022
The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.
Critical
Unreviewed
CVE-2017-17945
was published
May 24, 2022
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated...
Critical
Unreviewed
CVE-2019-10709
was published
May 24, 2022
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by...
Critical
Unreviewed
CVE-2020-35219
was published
May 24, 2022
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the...
Critical
Unreviewed
CVE-2020-36109
was published
May 24, 2022
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows...
Critical
Unreviewed
CVE-2021-32030
was published
May 24, 2022
ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of...
Critical
Unreviewed
CVE-2022-31874
was published
Jun 18, 2022
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin...
Critical
Unreviewed
CVE-2021-43702
was published
Jul 6, 2022
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2022-4221
was published
Dec 1, 2022
Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3...
Critical
Unreviewed
CVE-2021-37317
was published
Feb 3, 2023
ProTip!
Advisories are also available from the
GraphQL API