GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
41 advisories
Filter by severity
The iBoot device’s basic discovery protocol assists in initial device configuration. The...
High
Unreviewed
CVE-2022-47320
was published
Jul 6, 2023
The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High
Unreviewed
CVE-2023-2546
was published
Jun 6, 2023
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function...
High
Unreviewed
CVE-2022-47311
was published
May 23, 2023
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer...
High
Unreviewed
CVE-2023-31152
was published
May 10, 2023
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to...
High
Unreviewed
CVE-2019-13526
was published
May 24, 2022
Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie
High
CVE-2015-8314
was published
for
devise
(RubyGems)
Jan 26, 2023
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service...
High
Unreviewed
CVE-2022-2031
was published
Aug 26, 2022
Use of static encryption key material allows forging an authentication token to other users...
High
Unreviewed
CVE-2022-23724
was published
May 5, 2022
Authentication Bypass Using an Alternate Path or Channel and Authentication Bypass by Primary Weakness in rucio-webui
High
GHSA-v988-828w-xvf2
was published
for
rucio-webui
(pip)
Oct 22, 2021
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's...
High
Unreviewed
CVE-2021-35530
was published
Jun 8, 2022
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster...
High
Unreviewed
CVE-2018-10841
was published
May 13, 2022
The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires...
High
Unreviewed
CVE-2021-33017
was published
Dec 28, 2021
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2020-27866
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2020-27865
was published
May 24, 2022
XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
High
CVE-2022-36093
was published
for
org.xwiki.platform:xwiki-platform-web
(Maven)
Sep 16, 2022
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service...
High
Unreviewed
CVE-2022-22189
was published
Apr 15, 2022
ProTip!
Advisories are also available from the
GraphQL API