GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,184 advisories
Incorrect Authentication in shopware
Moderate
CVE-2022-24748 was published for shopware/core (Composer) Mar 10, 2022
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows...
Moderate
Unreviewed
CVE-2022-25825 was published Mar 11, 2022
Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1...
Moderate
Unreviewed
CVE-2022-25816 was published Mar 11, 2022
Sudden swap of user auth tokens in Volto
Moderate
CVE-2022-24740 was published for @plone/volto (npm) Mar 14, 2022
A lack of password change protection vulnerability in a deprecated API of McAfee Enterprise...
Moderate
Unreviewed
CVE-2022-0862 was published Mar 24, 2022
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4,...
Moderate
Unreviewed
CVE-2021-4191 was published Mar 29, 2022
Incorrect Access Control in ImpressCMS
Moderate
CVE-2021-26598 was published for impresscms/impresscms (Composer) Mar 29, 2022
Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the...
Moderate
Unreviewed
CVE-2021-45900 was published Apr 1, 2022
Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A...
Moderate
Unreviewed
CVE-2022-23156 was published Apr 2, 2022
Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11...
Moderate
Unreviewed
CVE-2022-1148 was published Apr 5, 2022
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1...
Moderate
Unreviewed
CVE-2022-27839 was published Apr 12, 2022
Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical...
Moderate
Unreviewed
CVE-2022-25832 was published Apr 12, 2022
Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that...
Moderate
Unreviewed
CVE-2022-26091 was published Apr 12, 2022
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical...
Moderate
Unreviewed
CVE-2022-25831 was published Apr 12, 2022
Navigating to a specific URL with a patient ID number will result in the server generating a PDF...
Moderate
Unreviewed
CVE-2022-1067 was published Apr 12, 2022
** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting...
Moderate
Unreviewed
CVE-2022-22279 was published Apr 14, 2022
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it...
Moderate
Unreviewed
CVE-2010-2496 was published Apr 21, 2022
A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete...
Moderate
Unreviewed
CVE-2020-14121 was published Apr 22, 2022
Keycloak is vulnerable to IDN homograph attack
Moderate
CVE-2021-3424 was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows...
Moderate
Unreviewed
CVE-2003-1433 was published Apr 29, 2022
login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1)...
Moderate
Unreviewed
CVE-2003-1434 was published Apr 29, 2022
Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only...
Moderate
Unreviewed
CVE-2003-1475 was published Apr 29, 2022
upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the...
Moderate
Unreviewed
CVE-2003-1489 was published Apr 29, 2022
Polar HelpDesk 3.0 allows remote attackers to bypass authentication by setting the UserId and...
Moderate
Unreviewed
CVE-2004-2736 was published Apr 29, 2022
Improper Authentication in moodle
Moderate
CVE-2022-0985 was published for moodle/moodle (Composer) Apr 30, 2022