GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
333 advisories
KubeView vulnerable to full cluster takeover due to improper authentication
Critical | CVE-2022-45933 was published for github.com/benc-uk/kubeview (Go) on Nov 27, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the...
Critical | Unreviewed | CVE-2022-44001 was published on Nov 18, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management...
Critical | Unreviewed | CVE-2022-43999 was published on Nov 17, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal...
Critical | Unreviewed | CVE-2022-44000 was published on Nov 17, 2022

Multiple W&T products of the ComServer Series are prone to an authentication bypass. An...
Critical | Unreviewed | CVE-2022-42785 was published on Nov 16, 2022

Apache SOAP contains unauthenticated RPCRouterServlet
Critical | CVE-2022-45378 was published for soap:soap (Maven) on Nov 14, 2022

VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A...
Critical | Unreviewed | CVE-2022-31685 was published on Nov 10, 2022

** UNSUPPORTED WHEN ASSIGNED ** Broken Access Control in User Authentication in Avaya Scopia...
Critical | Unreviewed | CVE-2022-38168 was published on Nov 4, 2022

Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version < 2.0.0...
Critical | Unreviewed | CVE-2022-27586 was published on Nov 2, 2022

Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware...
Critical | Unreviewed | CVE-2022-27585 was published on Nov 2, 2022

Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber 1078787 allows an...
Critical | Unreviewed | CVE-2022-27582 was published on Nov 2, 2022

Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an...
Critical | Unreviewed | CVE-2022-27584 was published on Nov 2, 2022

The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and...
Critical | Unreviewed | CVE-2022-40202 was published on Nov 1, 2022

A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and...
Critical | Unreviewed | CVE-2022-3674 was published on Oct 26, 2022

Missing authentication for critical function vulnerability in iSCSI management functionality in...
Critical | Unreviewed | CVE-2022-27623 was published on Oct 25, 2022

Rdiffweb is missing authentication for critical function
Critical | CVE-2022-3327 was published for rdiffweb (pip) on Oct 20, 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business...
Critical | Unreviewed | CVE-2022-21587 was published on Oct 19, 2022

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version...
Critical | Unreviewed | CVE-2022-40684 was published on Oct 18, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing...
Critical | Unreviewed | CVE-2022-22526 was published on Sep 29, 2022

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable...
Critical | Unreviewed | CVE-2022-1368 was published on Sep 7, 2022

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function....
Critical | Unreviewed | CVE-2022-30317 was published on Sep 1, 2022

Missing authentication for critical function vulnerability in UNIMO Technology digital video...
Critical | Unreviewed | CVE-2022-35733 was published on Aug 24, 2022

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at...
Critical | Unreviewed | CVE-2022-34858 was published on Aug 23, 2022

A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as...
Critical | Unreviewed | CVE-2022-2765 was published on Aug 12, 2022

The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as...
Critical | Unreviewed | CVE-2022-2242 was published on Aug 11, 2022