Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

299 advisories

Loading
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a... High Unreviewed
CVE-2019-18666 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24580 was published May 24, 2022
Missing Authentication for Critical Function in Foreman Ansible High
CVE-2021-3589 was published for foreman_ansible (RubyGems) Mar 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-27645 was published Mar 29, 2023
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication... High Unreviewed
CVE-2019-5620 was published May 24, 2022
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to... High Unreviewed
CVE-2021-35979 was published May 24, 2022
XStream is vulnerable to a Remote Command Execution attack High
CVE-2021-39144 was published for com.thoughtworks.xstream:xstream (Maven) Aug 25, 2021
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read... High Unreviewed
CVE-2022-28809 was published Jul 18, 2022
A vulnerability classified as problematic has been found in SourceCodester Book Store Management... High Unreviewed
CVE-2022-4228 was published Nov 30, 2022
An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1,... High Unreviewed
CVE-2022-21952 was published Jun 23, 2022
Due to missing authentication check, SAP Business one License service API - version 10.0 allows... High Unreviewed
CVE-2022-28771 was published Jul 13, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote... High Unreviewed
CVE-2014-4872 was published May 17, 2022
Dapr Dashboard vulnerable to Incorrect Access Control High
CVE-2022-38817 was published for github.com/dapr/dashboard (Go) Oct 4, 2022
Microweber Discloses Sensitive Information High
CVE-2020-13405 was published for microweber/microweber (Composer) May 24, 2022
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute... High Unreviewed
CVE-2022-23220 was published Jan 22, 2022
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to... High Unreviewed
CVE-2023-41255 was published Oct 25, 2023
The Android Client application, when enrolled with the define method 1(the user manually inserts... High Unreviewed
CVE-2023-45220 was published Oct 25, 2023
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker... High Unreviewed
CVE-2023-45851 was published Oct 25, 2023
Answer Missing Authentication for Critical Function High
CVE-2023-4815 was published for github.com/answerdev/answer (Go) Sep 7, 2023
TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can... High Unreviewed
CVE-2023-46978 was published Oct 31, 2023
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation... High Unreviewed
CVE-2022-43555 was published Nov 3, 2023
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation... High Unreviewed
CVE-2022-43554 was published Nov 3, 2023
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external... High Unreviewed
CVE-2023-40598 was published Aug 30, 2023
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An... High Unreviewed
CVE-2023-32460 was published Dec 8, 2023
ProTip! Advisories are also available from the GraphQL API