Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

299 advisories

Loading
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions), SCALANCE X... High Unreviewed
CVE-2019-13933 was published May 24, 2022
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not... High Unreviewed
CVE-2020-6287 was published May 24, 2022
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system... High Unreviewed
CVE-2020-23648 was published Oct 19, 2022
The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version... High Unreviewed
CVE-2020-10282 was published May 24, 2022
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows... High Unreviewed
CVE-2019-19104 was published May 24, 2022
A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.7.8 (build... High Unreviewed
CVE-2020-9004 was published May 24, 2022
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its... High Unreviewed
CVE-2019-12524 was published May 24, 2022
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to... High Unreviewed
CVE-2019-16258 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2019-17146 was published May 24, 2022
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and... High Unreviewed
CVE-2019-5617 was published May 24, 2022
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with... High Unreviewed
CVE-2022-42277 was published Jan 13, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a... High Unreviewed
CVE-2019-6820 was published May 24, 2022
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password... High Unreviewed
CVE-2021-30028 was published May 21, 2022
Information disclosure: The main configuration, including users and their hashed passwords, is... High Unreviewed
CVE-2021-23858 was published May 24, 2022
Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to... High Unreviewed
CVE-2020-19419 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-35871 was published Jul 26, 2022
Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and... High Unreviewed
CVE-2020-21997 was published May 24, 2022
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.x,... High Unreviewed
CVE-2020-6242 was published May 24, 2022
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication.... High Unreviewed
CVE-2022-29957 was published Jul 27, 2022
Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization. High
CVE-2021-34538 was published for org.apache.hive:hive (Maven) Jul 17, 2022
The affected product is vulnerable due to missing authentication, which may allow an attacker to... High Unreviewed
CVE-2022-2138 was published Jul 23, 2022
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware... High Unreviewed
CVE-2016-7830 was published May 17, 2022
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to... High Unreviewed
CVE-2015-9030 was published May 17, 2022
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ... High Unreviewed
CVE-2022-33138 was published Jul 13, 2022
Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat... High Unreviewed
CVE-2017-4055 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API