GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,528
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,983
Maven 5,158
npm 3,701
NuGet 656
pip 3,324
Pub 11
RubyGems 882
Rust 835
Swift 35

Unreviewed advisories

All unreviewed 233,071

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,029 advisories

Filter by severity

Sort by

Least recently updated

IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the... Moderate Unreviewed

CVE-2021-29779 was published Dec 2, 2021

Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt... Moderate Unreviewed

CVE-2011-0718 was published May 17, 2022

VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before... Moderate Unreviewed

CVE-2011-0527 was published May 17, 2022

nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found... Moderate Unreviewed

CVE-2011-0438 was published May 17, 2022

Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin... Moderate Unreviewed

CVE-2011-0435 was published May 17, 2022

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series... Moderate Unreviewed

CVE-2010-4690 was published May 17, 2022

An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4,... Moderate Unreviewed

CVE-2021-4191 was published Mar 29, 2022

In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for... Moderate Unreviewed

CVE-2021-44848 was published Dec 14, 2021

Sysaid API User Enumeration - Attacker sending requests to specific api path without any... Moderate Unreviewed

CVE-2021-36721 was published Dec 15, 2021

Lack of an access control check in the External Status Check feature allowed any authenticated... Moderate Unreviewed

CVE-2021-39916 was published Dec 14, 2021

Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the... Moderate Unreviewed

CVE-2021-45900 was published Apr 1, 2022

Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A... Moderate Unreviewed

CVE-2022-23156 was published Apr 2, 2022

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11... Moderate Unreviewed

CVE-2022-1148 was published Apr 5, 2022

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from... Moderate Unreviewed

CVE-2021-20150 was published Dec 31, 2021

Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1... Moderate Unreviewed

CVE-2022-27839 was published Apr 12, 2022

Navigating to a specific URL with a patient ID number will result in the server generating a PDF... Moderate Unreviewed

CVE-2022-1067 was published Apr 12, 2022

Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that... Moderate Unreviewed

CVE-2022-26091 was published Apr 12, 2022

Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical... Moderate Unreviewed

CVE-2022-25832 was published Apr 12, 2022

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed

CVE-2021-43950 was published Feb 16, 2022

The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS... Moderate Unreviewed

CVE-2010-2927 was published May 17, 2022

The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1... Moderate Unreviewed

CVE-2010-2940 was published May 17, 2022

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it... Moderate Unreviewed

CVE-2010-2496 was published Apr 21, 2022

An authorization bypass exploited by a user-controlled key in SpecificApps REST API in... Moderate Unreviewed

CVE-2021-46249 was published Feb 17, 2022

A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete... Moderate Unreviewed

CVE-2020-14121 was published Apr 22, 2022

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed... Moderate Unreviewed

CVE-2021-21131 was published May 24, 2022

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,029 advisories