GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
292 advisories
Rdiffweb is missing authentication for critical function
Critical | CVE-2022-3327 was published for rdiffweb (pip) on Oct 20, 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business...
Critical | Unreviewed | CVE-2022-21587 was published on Oct 19, 2022

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version...
Critical | Unreviewed | CVE-2022-40684 was published on Oct 18, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing...
Critical | Unreviewed | CVE-2022-22526 was published on Sep 29, 2022

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable...
Critical | Unreviewed | CVE-2022-1368 was published on Sep 7, 2022

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function....
Critical | Unreviewed | CVE-2022-30317 was published on Sep 1, 2022

Missing authentication for critical function vulnerability in UNIMO Technology digital video...
Critical | Unreviewed | CVE-2022-35733 was published on Aug 24, 2022

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at...
Critical | Unreviewed | CVE-2022-34858 was published on Aug 23, 2022

A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as...
Critical | Unreviewed | CVE-2022-2765 was published on Aug 12, 2022

The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as...
Critical | Unreviewed | CVE-2022-2242 was published on Aug 11, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-35865 was published on Aug 4, 2022

Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It...
Critical | Unreviewed | CVE-2022-29952 was published on Jul 27, 2022

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP...
Critical | Unreviewed | CVE-2022-29951 was published on Jul 27, 2022

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker...
Critical | Unreviewed | CVE-2022-20858 was published on Jul 22, 2022

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker...
Critical | Unreviewed | CVE-2022-20857 was published on Jul 22, 2022

SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication.
Critical | Unreviewed | CVE-2022-2141 was published on Jul 21, 2022

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The...
Critical | Unreviewed | CVE-2021-44222 was published on Jul 13, 2022

There is no account authentication and permission check logic in the firmware and existing apps...
Critical | Unreviewed | CVE-2021-26637 was published on Jun 24, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Critical | Unreviewed | CVE-2022-30230 was published on Jun 15, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There...
Critical | Unreviewed | CVE-2022-32251 was published on Jun 15, 2022

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open...
Critical | Unreviewed | CVE-2022-26082 was published on May 26, 2022

An improper authentication vulnerability exists in the REST API functionality of Open Automation...
Critical | Unreviewed | CVE-2022-26833 was published on May 26, 2022

The affected product’s configuration is vulnerable due to missing authentication, which may allow...
Critical | Unreviewed | CVE-2021-32930 was published on May 24, 2022

The manage users profile services of the network camera device allows an authenticated. Remote...
Critical | Unreviewed | CVE-2021-30167 was published on May 24, 2022

The server permits communication without any authentication procedure, allowing the attacker to...
Critical | Unreviewed | CVE-2021-38457 was published on May 24, 2022