GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
340 advisories
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database,...
Critical, Unreviewed. CVE-2020-36333 was published May 24, 2022

In multiple managed switches by WAGO in different versions without authorization and with...
Critical, Unreviewed. CVE-2021-20998 was published May 24, 2022

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
Critical, Unreviewed. CVE-2021-30190 was published May 24, 2022

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated...
Critical, Unreviewed. CVE-2021-23847 was published May 24, 2022

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does...
Critical, Unreviewed. CVE-2021-31337 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are...
Critical, Unreviewed. CVE-2021-33221 was published May 24, 2022

A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth...
Critical, Unreviewed. CVE-2021-34621 was published May 24, 2022

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or...
Critical, Unreviewed. CVE-2021-36124 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 (...
Critical, Unreviewed. CVE-2021-22772 was published May 24, 2022

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5...
Critical, Unreviewed. CVE-2020-36239 was published May 24, 2022

The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user...
Critical, Unreviewed. CVE-2021-37843 was published May 24, 2022

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring...
Critical, Unreviewed. CVE-2020-25563 was published May 24, 2022

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that...
Critical, Unreviewed. CVE-2021-37415 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to ...
Critical, Unreviewed. CVE-2021-28913 was published May 24, 2022

Missing Authentication for Critical Function in Apache Airflow
Critical. CVE-2021-38540 was published for apache-airflow (pip) May 24, 2022

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the...
Critical, Unreviewed. CVE-2021-38412 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the...
Critical, Unreviewed. CVE-2021-41974 was published May 24, 2022

The server permits communication without any authentication procedure, allowing the attacker to...
Critical, Unreviewed. CVE-2021-38457 was published May 24, 2022

The manage users profile services of the network camera device allows an authenticated. Remote...
Critical, Unreviewed. CVE-2021-30167 was published May 24, 2022

The affected product’s configuration is vulnerable due to missing authentication, which may allow...
Critical, Unreviewed. CVE-2021-32930 was published May 24, 2022

An improper authentication vulnerability exists in the REST API functionality of Open Automation...
Critical, Unreviewed. CVE-2022-26833 was published May 26, 2022

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open...
Critical, Unreviewed. CVE-2022-26082 was published May 26, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There...
Critical, Unreviewed. CVE-2022-32251 was published Jun 15, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Critical, Unreviewed. CVE-2022-30230 was published Jun 15, 2022

There is no account authentication and permission check logic in the firmware and existing apps...
Critical, Unreviewed. CVE-2021-26637 was published Jun 24, 2022
ProTip! Advisories are also available from the GraphQL API.