GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a...
High | Unreviewed | CVE-2019-18666 was published May 24, 2022

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55....
High | Unreviewed | CVE-2020-24580 was published May 24, 2022

Missing Authentication for Critical Function in Foreman Ansible
High | CVE-2021-3589 was published for foreman_ansible (RubyGems) Mar 24, 2022

This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High | Unreviewed | CVE-2022-27645 was published Mar 29, 2023

ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication...
High | Unreviewed | CVE-2019-5620 was published May 24, 2022

An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to...
High | Unreviewed | CVE-2021-35979 was published May 24, 2022

XStream is vulnerable to a Remote Command Execution attack
High | CVE-2021-39144 was published for com.thoughtworks.xstream:xstream (Maven) Aug 25, 2021

An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read...
High | Unreviewed | CVE-2022-28809 was published Jul 18, 2022

A vulnerability classified as problematic has been found in SourceCodester Book Store Management...
High | Unreviewed | CVE-2022-4228 was published Nov 30, 2022

An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1,...
High | Unreviewed | CVE-2022-21952 was published Jun 23, 2022

Due to missing authentication check, SAP Business one License service API - version 10.0 allows...
High | Unreviewed | CVE-2022-28771 was published Jul 13, 2022

A vulnerability was found in SAP Information System 1.0 which has been rated as critical....
High | Unreviewed | CVE-2022-1248 was published Apr 7, 2022

BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote...
High | Unreviewed | CVE-2014-4872 was published May 17, 2022

Dapr Dashboard vulnerable to Incorrect Access Control
High | CVE-2022-38817 was published for github.com/dapr/dashboard (Go) Oct 4, 2022

Microweber Discloses Sensitive Information
High | CVE-2020-13405 was published for microweber/microweber (Composer) May 24, 2022

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute...
High | Unreviewed | CVE-2022-23220 was published Jan 22, 2022

The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to...
High | Unreviewed | CVE-2023-41255 was published Oct 25, 2023

The Android Client application, when enrolled with the define method 1 (the user manually inserts...
High | Unreviewed | CVE-2023-45220 was published Oct 25, 2023

The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker...
High | Unreviewed | CVE-2023-45851 was published Oct 25, 2023

Answer Missing Authentication for Critical Function
High | CVE-2023-4815 was published for github.com/answerdev/answer (Go) Sep 7, 2023

TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control. Attackers can...
High | Unreviewed | CVE-2023-46978 was published Oct 31, 2023

Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation...
High | Unreviewed | CVE-2022-43555 was published Nov 3, 2023

Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation...
High | Unreviewed | CVE-2022-43554 was published Nov 3, 2023

In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external...
High | Unreviewed | CVE-2023-40598 was published Aug 30, 2023

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An...
High | Unreviewed | CVE-2023-32460 was published Dec 8, 2023