Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

267 advisories

Loading
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Critical Unreviewed
CVE-2022-25251 was published Mar 17, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an... Critical Unreviewed
CVE-2022-25247 was published Mar 17, 2022
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... Critical Unreviewed
CVE-2021-44259 was published Mar 18, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for... Critical Unreviewed
CVE-2021-33008 was published Apr 5, 2022
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without... Critical Unreviewed
CVE-2021-46009 was published Apr 1, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip... Critical Unreviewed
CVE-2021-28506 was published Jan 15, 2022
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not... Critical Unreviewed
CVE-2022-28660 was published May 21, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication... Critical Unreviewed
CVE-2020-25218 was published May 24, 2022
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5... Critical Unreviewed
CVE-2020-36239 was published May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed
CVE-2021-41974 was published May 24, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Critical Unreviewed
CVE-2022-30230 was published Jun 15, 2022
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD)... Critical Unreviewed
CVE-2017-4052 was published May 17, 2022
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,... Critical Unreviewed
CVE-2017-10804 was published May 17, 2022
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The... Critical Unreviewed
CVE-2021-44222 was published Jul 13, 2022
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary... Critical Unreviewed
CVE-2016-5053 was published May 17, 2022
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0... Critical Unreviewed
CVE-2016-8355 was published May 17, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2022-20858 was published Jul 22, 2022
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of... Critical Unreviewed
CVE-2017-5162 was published May 17, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing... Critical Unreviewed
CVE-2022-22526 was published Sep 29, 2022
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It... Critical Unreviewed
CVE-2022-29952 was published Jul 27, 2022
JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP... Critical Unreviewed
CVE-2022-29951 was published Jul 27, 2022
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An... Critical Unreviewed
CVE-2022-42785 was published Nov 16, 2022
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580,... Critical Unreviewed
CVE-2019-6808 was published May 24, 2022
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO... Critical Unreviewed
CVE-2019-8993 was published May 24, 2022
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ... Critical Unreviewed
CVE-2019-12288 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API