Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,234 advisories

Loading
Missing Authentication for Critical Function in Apache Cassandra Critical
CVE-2018-8016 was published for org.apache.cassandra:cassandra-all (Maven) May 13, 2022
MarkLee131
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers... Critical Unreviewed
CVE-2016-2004 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing... Critical Unreviewed
CVE-2018-5338 was published May 14, 2022
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote... High Unreviewed
CVE-2014-9195 was published May 14, 2022
The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component... Critical Unreviewed
CVE-2018-11247 was published May 14, 2022
In Schneider Electric Evlink Charging Station versions prior to v3.2.0-12_v1, the Web Interface... Critical Unreviewed
CVE-2018-7778 was published May 14, 2022
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... High Unreviewed
CVE-2017-0919 was published May 14, 2022
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an... High Unreviewed
CVE-2018-11476 was published May 14, 2022
An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0... Moderate Unreviewed
CVE-2018-9119 was published May 14, 2022
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute... High Unreviewed
CVE-2018-0554 was published May 14, 2022
Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php,... Critical Unreviewed
CVE-2018-9162 was published May 14, 2022
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm"... High Unreviewed
CVE-2014-7271 was published May 14, 2022
Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and... High Unreviewed
CVE-2017-10854 was published May 14, 2022
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication... High Unreviewed
CVE-2018-0521 was published May 14, 2022
SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform... Critical Unreviewed
CVE-2018-2368 was published May 14, 2022
eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can... Critical Unreviewed
CVE-2018-7301 was published May 14, 2022
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for... High Unreviewed
CVE-2018-2360 was published May 14, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8155 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8156 was published May 17, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a... High Unreviewed
CVE-2017-1483 was published May 17, 2022
A potential security vulnerability has been identified in HPE Application Performance Management ... Critical Unreviewed
CVE-2017-14350 was published May 17, 2022
The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x... Moderate Unreviewed
CVE-2008-6827 was published May 17, 2022
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD)... Critical Unreviewed
CVE-2017-4052 was published May 17, 2022
Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat... High Unreviewed
CVE-2017-4055 was published May 17, 2022
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,... Critical Unreviewed
CVE-2017-10804 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database