Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the... High Unreviewed
CVE-2021-41975 was published May 24, 2022
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to... High Unreviewed
CVE-2021-35979 was published May 24, 2022
A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions),... High Unreviewed
CVE-2021-27395 was published May 24, 2022
The affected product is vulnerable to a missing permission validation on system backup restore,... High Unreviewed
CVE-2021-42539 was published May 24, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated... High Unreviewed
CVE-2021-33543 was published May 24, 2022
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality... High Unreviewed
CVE-2022-27169 was published May 26, 2022
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality... High Unreviewed
CVE-2022-26043 was published May 26, 2022
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles... High Unreviewed
CVE-2022-26067 was published May 26, 2022
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of... High Unreviewed
CVE-2022-26303 was published May 26, 2022
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of... High Unreviewed
CVE-2022-26026 was published May 26, 2022
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console.... High Unreviewed
CVE-2022-29402 was published May 26, 2022
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which... High Unreviewed
CVE-2022-22576 was published May 27, 2022
Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of... High Unreviewed
CVE-2022-32157 was published Jun 16, 2022
An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1,... High Unreviewed
CVE-2022-21952 was published Jun 23, 2022
Due to missing authentication check, SAP Business one License service API - version 10.0 allows... High Unreviewed
CVE-2022-28771 was published Jul 13, 2022
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ... High Unreviewed
CVE-2022-33138 was published Jul 13, 2022
Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization. High
CVE-2021-34538 was published for org.apache.hive:hive (Maven) Jul 17, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read... High Unreviewed
CVE-2022-28809 was published Jul 18, 2022
The affected product is vulnerable due to missing authentication, which may allow an attacker to... High Unreviewed
CVE-2022-2138 was published Jul 23, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-35871 was published Jul 26, 2022
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement.... High Unreviewed
CVE-2022-30276 was published Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication.... High Unreviewed
CVE-2022-29957 was published Jul 27, 2022
Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a... High Unreviewed
CVE-2022-30313 was published Jul 29, 2022
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an... High Unreviewed
CVE-2022-37062 was published Aug 19, 2022
Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add... High Unreviewed
CVE-2022-36521 was published Aug 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database