Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,402 advisories

Loading
When the device is in factory state, it can be access the shell without adb authentication... High Unreviewed
CVE-2022-23729 was published Mar 5, 2022
Account compromise in Evmos High
CVE-2022-24738 was published for github.com/tharsis/evmos (Go) Mar 7, 2022
colin-axner
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.... High Unreviewed
CVE-2022-24285 was published Mar 11, 2022
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local... High Unreviewed
CVE-2022-24286 was published Mar 11, 2022
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method... High Unreviewed
CVE-2021-44032 was published Mar 11, 2022
otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated... High Unreviewed
CVE-2021-40376 was published Mar 11, 2022
CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate... High Unreviewed
CVE-2022-22729 was published Mar 12, 2022
Improper Authentication in FreeTAKServer High
CVE-2022-25508 was published for FreeTAKServer (pip) Mar 12, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates... High Unreviewed
CVE-2021-41848 was published Mar 13, 2022
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used... High Unreviewed
CVE-2022-26504 was published Mar 18, 2022
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an... High Unreviewed
CVE-2021-44759 was published Mar 24, 2022
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired... High Unreviewed
CVE-2022-1049 was published Mar 26, 2022
An improper authentication vulnerability leading to information leakage was discovered in iptime... High Unreviewed
CVE-2021-26620 was published Mar 26, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2022-25915 was published Apr 1, 2022
Improper cleaning of secure memory between authenticated users can lead to face authentication... High Unreviewed
CVE-2021-1950 was published Apr 2, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):... High Unreviewed
CVE-2022-23699 was published Apr 5, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,... High Unreviewed
CVE-2021-43483 was published Apr 9, 2022
The device authentication service module has a defect vulnerability introduced in the design... High Unreviewed
CVE-2021-46740 was published Apr 12, 2022
go.etcd.io/etcd Authentication Bypass High
CVE-2018-16886 was published for go.etcd.io/etcd (Go) Apr 12, 2022
Real-time image information exposure is caused by insufficient authentication for activated RTSP... High Unreviewed
CVE-2021-26627 was published Apr 20, 2022
A vulnerability within the authentication process of Abacus ERP allows a remote attacker to... High Unreviewed
CVE-2022-1065 was published Apr 20, 2022
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag... High Unreviewed
CVE-2002-2438 was published Apr 21, 2022
An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can... High Unreviewed
CVE-2022-29534 was published Apr 22, 2022
Improper Authentication in django-mfa3 High
CVE-2022-24857 was published for django-mfa3 (pip) Apr 22, 2022
stefanw
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database