GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
330 advisories
The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and...
Critical | Unreviewed | CVE-2018-19248 was published May 13, 2022
Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow...
Critical | Unreviewed | CVE-2018-13114 was published May 13, 2022
A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco...
Critical | Unreviewed | CVE-2018-0127 was published May 13, 2022
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable...
Critical | Unreviewed | CVE-2017-2637 was published May 13, 2022
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass...
Critical | Unreviewed | CVE-2015-2888 was published May 13, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Critical | Unreviewed | CVE-2022-1388 was published May 6, 2022
Multiple versions of TRUMPF TruTops products expose a service function without necessary...
Critical | Unreviewed | CVE-2022-1300 was published May 3, 2022
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote...
Critical | Unreviewed | CVE-2022-28719 was published Apr 29, 2022
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a...
Critical | Unreviewed | CVE-2006-0062 was published Apr 21, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical | Unreviewed | CVE-2022-0993 was published Apr 20, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical | Unreviewed | CVE-2022-0992 was published Apr 20, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 do not perform any authentication for...
Critical | Unreviewed | CVE-2021-33008 was published Apr 5, 2022
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without...
Critical | Unreviewed | CVE-2021-46009 was published Apr 1, 2022
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6...
Critical | Unreviewed | CVE-2021-44259 was published Mar 18, 2022
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
Critical | Unreviewed | CVE-2022-26501 was published Mar 18, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
Critical | Unreviewed | CVE-2022-25251 was published Mar 17, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an...
Critical | Unreviewed | CVE-2022-25247 was published Mar 17, 2022
Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic...
Critical | Unreviewed | CVE-2022-25922 was published Mar 11, 2022
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business...
Critical | Unreviewed | CVE-2022-26143 was published Mar 11, 2022
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run arbitrary commands...
Critical | Unreviewed | CVE-2020-10640 was published Feb 25, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause...
Critical | Unreviewed | CVE-2021-22805 was published Feb 12, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause...
Critical | Unreviewed | CVE-2021-22823 was published Feb 12, 2022
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component:...
Critical | Unreviewed | CVE-2021-35587 was published Jan 20, 2022
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive,...
Critical | Unreviewed | CVE-2022-23227 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical | Unreviewed | CVE-2021-28506 was published Jan 15, 2022
ProTip! Advisories are also available from the GraphQL API.