Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

860 advisories

Loading
The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a... Critical Unreviewed
CVE-2012-10001 was published Apr 23, 2022
Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to... Critical Unreviewed
CVE-2007-6760 was published May 1, 2022
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers... Critical Unreviewed
CVE-2007-6759 was published May 1, 2022
A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed... Critical Unreviewed
CVE-2021-41992 was published May 3, 2022
An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter... Critical Unreviewed
CVE-2022-23723 was published May 4, 2022
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in... Critical Unreviewed
CVE-2013-3072 was published May 5, 2022
Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities Critical Unreviewed
CVE-2013-4621 was published May 5, 2022
Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging". Critical Unreviewed
CVE-2013-3088 was published May 5, 2022
An improper authentication vulnerability has been reported to affect QNAP device running Photo... Critical Unreviewed
CVE-2021-44057 was published May 6, 2022
An improper authentication vulnerability has been reported to affect QNAP device running Video... Critical Unreviewed
CVE-2021-44056 was published May 6, 2022
In multiple Tecson Tankspion and GOKs SmartBox 4 products the affected application doesn't... Critical Unreviewed
CVE-2019-12254 was published May 7, 2022
Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing... Critical Unreviewed
CVE-2022-22796 was published May 13, 2022
An exploitable vulnerability exists in the generation of authentication token functionality of... Critical Unreviewed
CVE-2017-2864 was published May 13, 2022
The "remember me" functionality in login.php in Burden before 1.8.1 allows remote attackers to... Critical Unreviewed
CVE-2013-7137 was published May 13, 2022
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before... Critical Unreviewed
CVE-2018-15152 was published May 13, 2022
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's... Critical Unreviewed
CVE-2018-7791 was published May 13, 2022
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions... Critical Unreviewed
CVE-2018-7228 was published May 13, 2022
It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0,... Critical Unreviewed
CVE-2017-12477 was published May 13, 2022
It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has... Critical Unreviewed
CVE-2017-12478 was published May 13, 2022
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an... Critical Unreviewed
CVE-2018-6328 was published May 13, 2022
Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and... Critical Unreviewed
CVE-2016-4503 was published May 13, 2022
Contao Does Not Expire Tokens Correctly Critical
CVE-2019-10643 was published for contao/contao (Composer) May 13, 2022
An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could... Critical Unreviewed
CVE-2017-14147 was published May 13, 2022
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not... Critical Unreviewed
CVE-2018-10603 was published May 13, 2022
Improper Authentication in Apache CXF Critical
CVE-2012-0803 was published for org.apache.cxf:cxf (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API