Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

307 advisories

Loading
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain... High Unreviewed
CVE-2019-5514 was published May 13, 2022
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass... High Unreviewed
CVE-2007-0956 was published May 3, 2022
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An... High Unreviewed
CVE-2018-17924 was published May 3, 2022
admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user... High Unreviewed
CVE-2009-1780 was published May 2, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server... High Unreviewed
CVE-2002-1810 was published Apr 30, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with... High Unreviewed
CVE-2004-0213 was published Apr 29, 2022
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior... High Unreviewed
CVE-2021-25094 was published Apr 26, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module. High Unreviewed
CVE-2011-4322 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank... High Unreviewed
CVE-2011-2187 was published Apr 22, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing... High Unreviewed
CVE-2020-27376 was published Apr 8, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an... High Unreviewed
CVE-2022-25008 was published Apr 1, 2022
Missing Authentication for Critical Function in Foreman Ansible High
CVE-2021-3589 was published for foreman_ansible (RubyGems) Mar 24, 2022
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which... High Unreviewed
CVE-2021-44262 was published Mar 18, 2022
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6... High Unreviewed
CVE-2021-44260 was published Mar 18, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed
CVE-2022-25250 was published Mar 17, 2022
Improper Authentication in FreeTAKServer High
CVE-2022-25508 was published for FreeTAKServer (pip) Mar 12, 2022
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune... High Unreviewed
CVE-2021-33658 was published Mar 12, 2022
The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any... High Unreviewed
CVE-2022-24396 was published Mar 11, 2022
Missing Authentication for Critical Function in Apache TomEE High
CVE-2020-11969 was published for org.apache.tomee:tomee (Maven) Feb 10, 2022
Authentication bypass in Apache Hadoop High
CVE-2018-11764 was published for org.apache.hadoop:hadoop-main (Maven) Feb 10, 2022
A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel... High Unreviewed
CVE-2021-21964 was published Feb 10, 2022
Missing authentication in ShenYu High
CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute... High Unreviewed
CVE-2022-23220 was published Jan 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database