GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
257 advisories
The Bluetooth module has an authentication bypass vulnerability in the pairing process....
Moderate | Unreviewed | CVE-2022-48291 was published Mar 28, 2023
SAP NetWeaver AS Java for Deploy Service - version 7.5, does not perform any access control...
Moderate | Unreviewed | CVE-2023-24527 was published Apr 11, 2023
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an...
Moderate | Unreviewed | CVE-2020-15894 was published May 24, 2022
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access,...
Moderate | Unreviewed | CVE-2021-33259 was published May 24, 2022
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted ...
Moderate | Unreviewed | CVE-2019-15655 was published May 24, 2022
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19225 was published May 24, 2022
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19224 was published May 24, 2022
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19226 was published May 24, 2022
An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script...
Moderate | Unreviewed | CVE-2020-26567 was published May 24, 2022
The WPQA Builder WordPress plugin before 5.4 which is a companion to the Discy and Himer, lacks...
Moderate | Unreviewed | CVE-2022-1598 was published Jun 9, 2022
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, may arbitrarily...
Moderate | Unreviewed | CVE-2022-0188 was published Feb 15, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a...
Moderate | Unreviewed | CVE-2022-21816 was published Feb 8, 2022
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service...
Moderate | Unreviewed | CVE-2022-23719 was published Jul 1, 2022
The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before...
Moderate | Unreviewed | CVE-2022-2552 was published Aug 23, 2022
Unauthenticated user can list hidden document from multiple velocity templates in XWiki
Moderate | CVE-2022-24820 was published for org.xwiki.platform:xwiki-platform-web (Maven) Apr 8, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All...
Moderate | Unreviewed | CVE-2022-29883 was published May 21, 2022
Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the...
Moderate | Unreviewed | CVE-2022-27891 was published Feb 16, 2023
Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this...
Moderate | Unreviewed | CVE-2022-3675 was published Nov 3, 2022
The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry...
Moderate | Unreviewed | CVE-2022-0140 was published Apr 13, 2022
Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information...
Moderate | Unreviewed | CVE-2019-13194 was published May 24, 2022
Keycloak Missing authentication for critical function
Moderate | CVE-2021-20262 was published for org.keycloak:keycloak-core (Maven) Mar 12, 2021
An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0...
Moderate | Unreviewed | CVE-2018-9119 was published May 14, 2022
Denial of service in Grafana
Moderate | CVE-2021-27358 was published for github.com/grafana/grafana (Go) Feb 15, 2022
Openstack tripleo-heat-templates unauthenticated file access
Moderate | CVE-2017-12155 was published for tripleo-heat-templates (pip) May 13, 2022
Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy
Moderate | CVE-2023-41333 was published for github.com/cilium/cilium (Go) Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API