Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An... High Unreviewed
CVE-2019-13406 was published May 24, 2022
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker... High Unreviewed
CVE-2019-11061 was published May 24, 2022
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making... High Unreviewed
CVE-2019-14511 was published May 24, 2022
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The... High Unreviewed
CVE-2019-10915 was published May 24, 2022
In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a... High Unreviewed
CVE-2019-13338 was published May 24, 2022
Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08... High Unreviewed
CVE-2019-11019 was published May 24, 2022
Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone... High Unreviewed
CVE-2019-11020 was published May 24, 2022
hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the... High Unreviewed
CVE-2019-12174 was published May 24, 2022
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak... High Unreviewed
CVE-2019-3411 was published May 24, 2022
On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. High Unreviewed
CVE-2019-6451 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a... High Unreviewed
CVE-2019-6820 was published May 24, 2022
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3... High Unreviewed
CVE-2019-9727 was published May 24, 2022
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated... High Unreviewed
CVE-2019-7404 was published May 24, 2022
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password... High Unreviewed
CVE-2021-30028 was published May 21, 2022
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote... High Unreviewed
CVE-2014-4872 was published May 17, 2022
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware... High Unreviewed
CVE-2016-7830 was published May 17, 2022
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to... High Unreviewed
CVE-2015-9030 was published May 17, 2022
Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat... High Unreviewed
CVE-2017-4055 was published May 17, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a... High Unreviewed
CVE-2017-1483 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8156 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8155 was published May 17, 2022
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for... High Unreviewed
CVE-2018-2360 was published May 14, 2022
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication... High Unreviewed
CVE-2018-0521 was published May 14, 2022
Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and... High Unreviewed
CVE-2017-10854 was published May 14, 2022
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm"... High Unreviewed
CVE-2014-7271 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database