GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,402 advisories
Filter by severity
When the device is in factory state, it can be access the shell without adb authentication...
High
Unreviewed
CVE-2022-23729
was published
Mar 5, 2022
Account compromise in Evmos
High
CVE-2022-24738
was published
for
github.com/tharsis/evmos
(Go)
Mar 7, 2022
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability....
High
Unreviewed
CVE-2022-24285
was published
Mar 11, 2022
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local...
High
Unreviewed
CVE-2022-24286
was published
Mar 11, 2022
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method...
High
Unreviewed
CVE-2021-44032
was published
Mar 11, 2022
otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated...
High
Unreviewed
CVE-2021-40376
was published
Mar 11, 2022
CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate...
High
Unreviewed
CVE-2022-22729
was published
Mar 12, 2022
Improper Authentication in FreeTAKServer
High
CVE-2022-25508
was published
for
FreeTAKServer
(pip)
Mar 12, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates...
High
Unreviewed
CVE-2021-41848
was published
Mar 13, 2022
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used...
High
Unreviewed
CVE-2022-26504
was published
Mar 18, 2022
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an...
High
Unreviewed
CVE-2021-44759
was published
Mar 24, 2022
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired...
High
Unreviewed
CVE-2022-1049
was published
Mar 26, 2022
An improper authentication vulnerability leading to information leakage was discovered in iptime...
High
Unreviewed
CVE-2021-26620
was published
Mar 26, 2022
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and...
High
Unreviewed
CVE-2022-25915
was published
Apr 1, 2022
Improper cleaning of secure memory between authenticated users can lead to face authentication...
High
Unreviewed
CVE-2021-1950
was published
Apr 2, 2022
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s):...
High
Unreviewed
CVE-2022-23699
was published
Apr 5, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical....
High
Unreviewed
CVE-2022-1248
was published
Apr 7, 2022
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration,...
High
Unreviewed
CVE-2021-43483
was published
Apr 9, 2022
The device authentication service module has a defect vulnerability introduced in the design...
High
Unreviewed
CVE-2021-46740
was published
Apr 12, 2022
go.etcd.io/etcd Authentication Bypass
High
CVE-2018-16886
was published
for
go.etcd.io/etcd
(Go)
Apr 12, 2022
Real-time image information exposure is caused by insufficient authentication for activated RTSP...
High
Unreviewed
CVE-2021-26627
was published
Apr 20, 2022
A vulnerability within the authentication process of Abacus ERP allows a remote attacker to...
High
Unreviewed
CVE-2022-1065
was published
Apr 20, 2022
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag...
High
Unreviewed
CVE-2002-2438
was published
Apr 21, 2022
An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can...
High
Unreviewed
CVE-2022-29534
was published
Apr 22, 2022
Improper Authentication in django-mfa3
High
CVE-2022-24857
was published
for
django-mfa3
(pip)
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API