GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (all reviewed: 5,000+)
Composer: 4,361
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,794
NuGet: 685
pip: 3,473
Pub: 12
RubyGems: 895
Rust: 894
Swift: 38
Unreviewed advisories (all unreviewed: 5,000+)
1,443 advisories
Multiple unspecified vulnerabilities in the Backup Exec remote-agent logon process in Symantec...
High, Unreviewed, CVE-2008-5407 was published May 17, 2022
In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode...
High, Unreviewed, CVE-2022-20126 was published Jun 16, 2022
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11...
High, Unreviewed, CVE-2022-21935 was published Jun 16, 2022
An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing...
High, Unreviewed, CVE-2022-32560 was published Jun 14, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series...
High, Unreviewed, CVE-2021-1542 was published May 24, 2022
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is...
High, Unreviewed, CVE-2018-18907 was published Jun 17, 2022
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for...
High, Unreviewed, CVE-2008-4689 was published May 17, 2022
Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default...
High, Unreviewed, CVE-2015-6397 was published May 17, 2022
MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed) and MaLion for Mac...
High, Unreviewed, CVE-2017-10815 was published May 17, 2022
Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26...
High, Unreviewed, CVE-2008-4722 was published May 17, 2022
An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for...
High, Unreviewed, CVE-2021-43563 was published May 24, 2022
Improper verification of timeout-based authentication in identity credential can lead to invalid...
High, Unreviewed, CVE-2021-35094 was published Jun 15, 2022
In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker...
High, Unreviewed, CVE-2021-37254 was published May 24, 2022
ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.
High, Unreviewed, CVE-2021-37741 was published May 24, 2022
Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field,...
High, Unreviewed, CVE-2021-41314 was published May 24, 2022
CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals...
High, Unreviewed, CVE-2021-37151 was published May 24, 2022
Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 allows remote attackers to...
High, Unreviewed, CVE-2008-4649 was published May 17, 2022
There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful...
High, Unreviewed, CVE-2022-22259 was published Jun 14, 2022
OpenVPN 2.5.1 and earlier versions allow remote attackers to bypass authentication and access...
High, Unreviewed, CVE-2020-15078 was published May 24, 2022
Nukeviet 2.0 Beta allows remote attackers to bypass authentication and gain administrative access...
High, Unreviewed, CVE-2008-5945 was published May 17, 2022
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers...
High, Unreviewed, CVE-2022-30749 was published Jun 8, 2022
Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only...
High, Unreviewed, CVE-2022-31463 was published Jun 3, 2022
In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication...
High, Unreviewed, CVE-2021-38618 was published May 24, 2022
Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns...
High, Unreviewed, CVE-2021-38137 was published May 24, 2022
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
High, Unreviewed, CVE-2022-26975 was published Jun 3, 2022
ProTip! Advisories are also available from the GraphQL API.