Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

986 advisories

Loading
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An... High Unreviewed
CVE-2018-17924 was published May 3, 2022
Multiple Version of TRUMPF TruTops products expose a service function without necessary... Critical Unreviewed
CVE-2022-1300 was published May 3, 2022
admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user... High Unreviewed
CVE-2009-1780 was published May 2, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server... High Unreviewed
CVE-2002-1810 was published Apr 30, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with... High Unreviewed
CVE-2004-0213 was published Apr 29, 2022
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote... Critical Unreviewed
CVE-2022-28719 was published Apr 29, 2022
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior... High Unreviewed
CVE-2021-25094 was published Apr 26, 2022
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in... Moderate Unreviewed
CVE-2012-2736 was published Apr 23, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module. High Unreviewed
CVE-2011-4322 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank... High Unreviewed
CVE-2011-2187 was published Apr 22, 2022
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a... Critical Unreviewed
CVE-2006-0062 was published Apr 21, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0993 was published Apr 20, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0992 was published Apr 20, 2022
The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry... Moderate Unreviewed
CVE-2022-0140 was published Apr 13, 2022
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging.... Moderate Unreviewed
CVE-2022-0878 was published Apr 13, 2022
Unauthenticated user can list hidden document from multiple velocity templates in XWiki Moderate
CVE-2022-24820 was published for org.xwiki.platform:xwiki-platform-web (Maven) Apr 8, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing... High Unreviewed
CVE-2020-27376 was published Apr 8, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for... Critical Unreviewed
CVE-2021-33008 was published Apr 5, 2022
Sensitive information can be obtained through the handling of serialized data. The issue results... Moderate Unreviewed
CVE-2020-14479 was published Apr 3, 2022
The software does not perform any authentication for critical system functionality. Moderate Unreviewed
CVE-2022-0922 was published Apr 3, 2022
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not... Moderate Unreviewed
CVE-2021-46006 was published Apr 1, 2022
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without... Critical Unreviewed
CVE-2021-46009 was published Apr 1, 2022
totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an... High Unreviewed
CVE-2022-25008 was published Apr 1, 2022
Missing Authentication for Critical Function in Foreman Ansible High
CVE-2021-3589 was published for foreman_ansible (RubyGems) Mar 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database