GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,350
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,681
NuGet 650
pip 3,298
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,415

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

285 advisories

Filter by severity

Sort by

Least recently updated

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the... Critical Unreviewed

CVE-2021-38412 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to ... Critical Unreviewed

CVE-2021-28913 was published May 24, 2022

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that... Critical Unreviewed

CVE-2021-37415 was published May 24, 2022

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring... Critical Unreviewed

CVE-2020-25563 was published May 24, 2022

The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user... Critical Unreviewed

CVE-2021-37843 was published May 24, 2022

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5... Critical Unreviewed

CVE-2020-36239 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 (... Critical Unreviewed

CVE-2021-22772 was published May 24, 2022

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or... Critical Unreviewed

CVE-2021-36124 was published May 24, 2022

A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth... Critical Unreviewed

CVE-2021-34621 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are... Critical Unreviewed

CVE-2021-33221 was published May 24, 2022

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does... Critical Unreviewed

CVE-2021-31337 was published May 24, 2022

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated... Critical Unreviewed

CVE-2021-23847 was published May 24, 2022

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. Critical Unreviewed

CVE-2021-30190 was published May 24, 2022

In multiple managed switches by WAGO in different versions without authorization and with... Critical Unreviewed

CVE-2021-20998 was published May 24, 2022

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database,... Critical Unreviewed

CVE-2020-36333 was published May 24, 2022

Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier... Critical Unreviewed

CVE-2021-20697 was published May 24, 2022

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication... Critical Unreviewed

CVE-2020-25218 was published May 24, 2022

The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,... Critical Unreviewed

CVE-2020-28899 was published May 24, 2022

An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive... Critical Unreviewed

CVE-2021-26705 was published May 24, 2022

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,... Critical Unreviewed

CVE-2021-1393 was published May 24, 2022

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing... Critical Unreviewed

CVE-2021-22652 was published May 24, 2022

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All... Critical Unreviewed

CVE-2020-15798 was published May 24, 2022

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for... Critical Unreviewed

CVE-2020-4958 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to... Critical Unreviewed

CVE-2021-22850 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

285 advisories