Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

64 advisories

Loading
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are... High Unreviewed
CVE-2022-22476 was published Jul 9, 2022
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems... High Unreviewed
CVE-2022-1745 was published Jun 25, 2022
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads... High Unreviewed
CVE-2022-2324 was published Jul 30, 2022
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass... High Unreviewed
CVE-2022-4098 was published Dec 13, 2022
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows... High Unreviewed
CVE-2022-0030 was published Oct 12, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2021-0232 was published May 24, 2022
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP... High Unreviewed
CVE-2020-28856 was published May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing... High Unreviewed
CVE-2020-36128 was published May 24, 2022
If exploited, this vulnerability allows an attacker to access resources which are not otherwise... High Unreviewed
CVE-2021-28810 was published May 24, 2022
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek... High Unreviewed
CVE-2021-28372 was published May 24, 2022
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of... High Unreviewed
CVE-2022-25989 was published May 6, 2022
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2... High Unreviewed
CVE-2018-12331 was published May 13, 2022
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7... High Unreviewed
CVE-2019-0283 was published May 13, 2022
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing... High Unreviewed
CVE-2022-42983 was published Oct 17, 2022
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier... High Unreviewed
CVE-2017-11717 was published May 13, 2022
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2... High Unreviewed
CVE-2017-18190 was published May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and... High Unreviewed
CVE-2017-6405 was published May 13, 2022
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by... High Unreviewed
CVE-2017-8422 was published May 13, 2022
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email. High Unreviewed
CVE-2018-15588 was published May 13, 2022
Windows CryptoAPI Spoofing Vulnerability. High Unreviewed
CVE-2022-34689 was published Oct 12, 2022
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP... High Unreviewed
CVE-2022-4303 was published Jan 23, 2023
The FluentAuth WordPress plugin before 1.0.2 prioritizes getting a visitor's IP address from... High Unreviewed
CVE-2022-4746 was published Jan 23, 2023
Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series... High Unreviewed
CVE-2022-40269 was published Feb 2, 2023
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that allows for... High Unreviewed
CVE-2019-15022 was published May 24, 2022
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to... High Unreviewed
CVE-2022-4550 was published Feb 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database