Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
41
GitHub Actions
41
Go
3,058
Maven
5,000+
npm
4,845
NuGet
825
pip
4,397
Pub
12
RubyGems
988
Rust
1,147
Swift
50
Unreviewed advisories
All unreviewed
5,000+

1,591 advisories

Loading
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... Critical Unreviewed
CVE-2022-1388 was published May 6, 2022
On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to... Moderate Unreviewed
CVE-2022-27495 was published May 6, 2022
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass... High Unreviewed
CVE-2007-0956 was published May 3, 2022
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An... High Unreviewed
CVE-2018-17924 was published May 3, 2022
Multiple Version of TRUMPF TruTops products expose a service function without necessary... Critical Unreviewed
CVE-2022-1300 was published May 3, 2022
admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user... High Unreviewed
CVE-2009-1780 was published May 2, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server... High Unreviewed
CVE-2002-1810 was published Apr 30, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with... High Unreviewed
CVE-2004-0213 was published Apr 29, 2022
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote... Critical Unreviewed
CVE-2022-28719 was published Apr 29, 2022
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior... High Unreviewed
CVE-2021-25094 was published Apr 26, 2022
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in... Moderate Unreviewed
CVE-2012-2736 was published Apr 23, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module. High Unreviewed
CVE-2011-4322 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank... High Unreviewed
CVE-2011-2187 was published Apr 22, 2022
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a... Critical Unreviewed
CVE-2006-0062 was published Apr 21, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0992 was published Apr 20, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0993 was published Apr 20, 2022
The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry... Moderate Unreviewed
CVE-2022-0140 was published Apr 13, 2022
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging.... Moderate Unreviewed
CVE-2022-0878 was published Apr 13, 2022
Unauthenticated user can list hidden document from multiple velocity templates in XWiki Moderate
CVE-2022-24820 was published for org.xwiki.platform:xwiki-platform-web (Maven) Apr 8, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing... High Unreviewed
CVE-2020-27376 was published Apr 8, 2022
A vulnerability was found in SAP Information System 1.0 which has been rated as critical.... High Unreviewed
CVE-2022-1248 was published Apr 7, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for... Critical Unreviewed
CVE-2021-33008 was published Apr 5, 2022
Sensitive information can be obtained through the handling of serialized data. The issue results... Moderate Unreviewed
CVE-2020-14479 was published Apr 3, 2022
The software does not perform any authentication for critical system functionality. Moderate Unreviewed
CVE-2022-0922 was published Apr 3, 2022
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not... Moderate Unreviewed
CVE-2021-46006 was published Apr 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database