Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

786 advisories

Loading
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to... Critical Unreviewed
CVE-2021-43355 was published Jan 22, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9... Critical Unreviewed
CVE-2021-44757 was published Jan 19, 2022
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable... Critical Unreviewed
CVE-2021-22566 was published Jan 19, 2022
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web... Critical Unreviewed
CVE-2022-23178 was published Jan 16, 2022
Some Dahua products have access control vulnerability in the password reset process. Attackers... Critical Unreviewed
CVE-2021-33046 was published Jan 14, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2021-34993 was published Jan 14, 2022
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows... Critical Unreviewed
CVE-2021-45389 was published Jan 5, 2022
The server-request receiver function of Shockwall system has an improper authentication... Critical Unreviewed
CVE-2021-45917 was published Jan 4, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is... Critical Unreviewed
CVE-2021-20158 was published Dec 31, 2021
basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive... Critical Unreviewed
CVE-2021-45890 was published Dec 28, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45496 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45495 was published Dec 27, 2021
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45498 was published Dec 27, 2021
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Critical Unreviewed
CVE-2021-45497 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0... Critical Unreviewed
CVE-2021-45501 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45504 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45507 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45509 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24... Critical Unreviewed
CVE-2021-45508 was published Dec 27, 2021
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08... Critical Unreviewed
CVE-2021-45511 was published Dec 27, 2021
Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin... Critical Unreviewed
CVE-2021-44526 was published Dec 24, 2021
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality... Critical Unreviewed
CVE-2021-21952 was published Dec 23, 2021
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible... Critical Unreviewed
CVE-2021-27451 was published Dec 22, 2021
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated... Critical Unreviewed
CVE-2021-44675 was published Dec 21, 2021
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass... Critical Unreviewed
CVE-2021-22057 was published Dec 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database