GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
372 advisories
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication....
High · Unreviewed · CVE-2022-29957 was published Jul 27, 2022
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement....
High · Unreviewed · CVE-2022-30276 was published Jul 27, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High · Unreviewed · CVE-2022-35871 was published Jul 26, 2022
The affected product is vulnerable due to missing authentication, which may allow an attacker to...
High · Unreviewed · CVE-2022-2138 was published Jul 23, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read...
High · Unreviewed · CVE-2022-28809 was published Jul 18, 2022
Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization.
High · CVE-2021-34538 was published for org.apache.hive:hive (Maven) Jul 17, 2022
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ...
High · Unreviewed · CVE-2022-33138 was published Jul 13, 2022
Due to missing authentication check, SAP Business one License service API - version 10.0 allows...
High · Unreviewed · CVE-2022-28771 was published Jul 13, 2022
An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1,...
High · Unreviewed · CVE-2022-21952 was published Jun 23, 2022
Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of...
High · Unreviewed · CVE-2022-32157 was published Jun 16, 2022
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which...
High · Unreviewed · CVE-2022-22576 was published May 27, 2022
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console....
High · Unreviewed · CVE-2022-29402 was published May 26, 2022
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of...
High · Unreviewed · CVE-2022-26026 was published May 26, 2022
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles...
High · Unreviewed · CVE-2022-26067 was published May 26, 2022
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of...
High · Unreviewed · CVE-2022-26303 was published May 26, 2022
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality...
High · Unreviewed · CVE-2022-26043 was published May 26, 2022
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality...
High · Unreviewed · CVE-2022-27169 was published May 26, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated...
High · Unreviewed · CVE-2021-33543 was published May 24, 2022
The affected product is vulnerable to a missing permission validation on system backup restore,...
High · Unreviewed · CVE-2021-42539 was published May 24, 2022
A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions),...
High · Unreviewed · CVE-2021-27395 was published May 24, 2022
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to...
High · Unreviewed · CVE-2021-35979 was published May 24, 2022
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the...
High · Unreviewed · CVE-2021-41975 was published May 24, 2022
Information disclosure: The main configuration, including users and their hashed passwords, is...
High · Unreviewed · CVE-2021-23858 was published May 24, 2022
On 2.1.15 version and below of Lider module in LiderAhenk software is leaking its configurations...
High · Unreviewed · CVE-2021-3825 was published May 24, 2022
A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to...
High · Unreviewed · CVE-2021-33882 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.