GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,156 advisories

Filter by severity

Sort by

Least recently updated

TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in ... High Unreviewed

CVE-2021-40851 was published Dec 18, 2021

Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation,... High Unreviewed

CVE-2021-40826 was published Dec 16, 2021

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass.... High Unreviewed

CVE-2021-0649 was published Dec 16, 2021

The impacted products, when configured to use SSO, are affected by an improper authentication... Critical Unreviewed

CVE-2021-43935 was published Dec 16, 2021

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated... Critical Unreviewed

CVE-2021-44524 was published Dec 15, 2021

Sysaid API User Enumeration - Attacker sending requests to specific api path without any... Moderate Unreviewed

CVE-2021-36721 was published Dec 15, 2021

glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php. Critical Unreviewed

CVE-2021-44949 was published Dec 15, 2021

The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as... Critical Unreviewed

CVE-2021-4073 was published Dec 15, 2021

In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for... Moderate Unreviewed

CVE-2021-44848 was published Dec 14, 2021

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the ... High Unreviewed

CVE-2021-40856 was published Dec 14, 2021

An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not... Critical Unreviewed

CVE-2021-44152 was published Dec 14, 2021

Lack of an access control check in the External Status Check feature allowed any authenticated... Moderate Unreviewed

CVE-2021-39916 was published Dec 14, 2021

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code... Critical Unreviewed

CVE-2021-44515 was published Dec 13, 2021

A improper authentication in Fortinet FortiAuthenticator version 6.4.0 allows user to bypass the... High Unreviewed

CVE-2021-43068 was published Dec 10, 2021

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers... High Unreviewed

CVE-2021-20145 was published Dec 10, 2021

An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of... High Unreviewed

CVE-2021-21955 was published Dec 10, 2021

ManageEngine's OpUtils 12.5.556 and prior allow access to a few audit directories without... Critical Unreviewed

CVE-2021-44514 was published Dec 10, 2021

Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an... High Unreviewed

CVE-2021-41311 was published Dec 9, 2021

Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira... Moderate Unreviewed

CVE-2021-41309 was published Dec 9, 2021

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone... High Unreviewed

CVE-2021-37054 was published Dec 9, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed

CVE-2021-37043 was published Dec 8, 2021

There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed

CVE-2021-37100 was published Dec 8, 2021

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that... High Unreviewed

CVE-2021-43175 was published Dec 8, 2021

Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable... Critical Unreviewed

CVE-2021-41716 was published Dec 8, 2021

The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be... Critical Unreviewed

CVE-2021-43931 was published Dec 7, 2021

Previous 1 2 … 123 124 125 126 127 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,156 advisories