GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,248
Erlang: 31
GitHub Actions: 21
Go: 2,016
Maven: 5,000+
npm: 3,721
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 852
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
786 advisories
An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan...
CVE-2021-3849 (Critical, Unreviewed) was published Apr 23, 2022

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
CVE-2022-0992 (Critical, Unreviewed) was published Apr 20, 2022

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
CVE-2022-0993 (Critical, Unreviewed) was published Apr 20, 2022

A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either...
CVE-2021-3652 (Critical, Unreviewed) was published Apr 19, 2022

ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via ...
CVE-2022-25226 (Critical, Unreviewed) was published Apr 19, 2022

Improper authentication vulnerability in the communication protocol provided by AD (Automation...
CVE-2022-26034 (Critical, Unreviewed) was published Apr 16, 2022

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC)...
CVE-2022-20695 (Critical, Unreviewed) was published Apr 16, 2022

VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE...
CVE-2022-22955 (Critical, Unreviewed) was published Apr 14, 2022

VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE...
CVE-2022-22956 (Critical, Unreviewed) was published Apr 14, 2022

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings...
CVE-2021-46742 (Critical, Unreviewed) was published Apr 12, 2022

All programming connections receive the same unlocked privileges, which can result in a privilege...
CVE-2021-32984 (Critical, Unreviewed) was published Apr 5, 2022

After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is...
CVE-2021-32986 (Critical, Unreviewed) was published Apr 5, 2022

Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect...
CVE-2021-32980 (Critical, Unreviewed) was published Apr 5, 2022

An issue in provider/libserver/ECKrbAuth.cpp of Kopano-Core v11.0.2.51 contains an issue which...
CVE-2022-26562 (Critical, Unreviewed) was published Apr 2, 2022

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not...
CVE-2022-23795 (Critical, Unreviewed) was published Mar 31, 2022

A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker...
CVE-2019-9564 (Critical, Unreviewed) was published Mar 31, 2022

A vulnerability classified as critical was found in SourceCodester One Church Management System 1...
CVE-2022-1084 (Critical, Unreviewed) was published Mar 30, 2022

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware...
CVE-2022-0342 (Critical, Unreviewed) was published Mar 29, 2022

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker...
CVE-2022-1040 (Critical, Unreviewed) was published Mar 26, 2022

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication...
CVE-2022-0547 (Critical, Unreviewed) was published Mar 19, 2022

In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid"...
CVE-2021-45786 (Critical, Unreviewed) was published Mar 17, 2022

YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user...
CVE-2022-23383 (Critical, Unreviewed) was published Mar 11, 2022

A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to...
CVE-2022-0715 (Critical, Unreviewed) was published Mar 10, 2022

Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.
CVE-2022-0730 (Critical, Unreviewed) was published Mar 5, 2022

An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to...
CVE-2021-36166 (Critical, Unreviewed) was published Mar 2, 2022

ProTip! Advisories are also available from the GraphQL API.