Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

257 advisories

Loading
Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ Moderate
CVE-2015-7559 was published for org.apache.activemq:activemq-client (Maven) Aug 1, 2019
sunSUNQ
Missing Authentication for Critical Function in LibreNMS Moderate
CVE-2019-10668 was published for librenms/librenms (Composer) Oct 11, 2019
Keycloak Missing authentication for critical function Moderate
CVE-2021-20262 was published for org.keycloak:keycloak-core (Maven) Mar 12, 2021
Improper Authentication in Apache Airflow Moderate
CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
Automatic room upgrade handling can be used maliciously to bridge a room non-consentually Moderate
CVE-2021-32659 was published for matrix-appservice-bridge (npm) Jun 21, 2021
Missing Authentication for Critical Function Moderate
CVE-2021-32709 was published for shopware/platform (Composer) Jun 29, 2021
Missing Authentication for Critical Function in Saleor Moderate
CVE-2020-7964 was published for saleor (pip) Jul 28, 2021
Missing Authorization in Apache Airflow Moderate
CVE-2021-35936 was published for apache-airflow (pip) Aug 30, 2021
sunSUNQ
Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent... Moderate Unreviewed
CVE-2021-20152 was published Dec 31, 2021
Improper Access Control in Onionshare Moderate
CVE-2022-21691 was published for onionshare-cli (pip) Jan 21, 2022
Improper Authentication in Apache ActiveMQ Moderate
CVE-2020-13920 was published for org.apache.activemq:activemq-parent (Maven) Feb 9, 2022
sunSUNQ
Denial of service in Grafana Moderate
CVE-2021-27358 was published for github.com/grafana/grafana (Go) Feb 15, 2022
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not... Moderate Unreviewed
CVE-2021-46006 was published Apr 1, 2022
The software does not perform any authentication for critical system functionality. Moderate Unreviewed
CVE-2022-0922 was published Apr 3, 2022
Unauthenticated user can list hidden document from multiple velocity templates in XWiki Moderate
CVE-2022-24820 was published for org.xwiki.platform:xwiki-platform-web (Maven) Apr 8, 2022
ProTip! Advisories are also available from the GraphQL API