GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
841 advisories
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via...
High | Unreviewed | CVE-2021-46820 was published Jun 17, 2022

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of...
High | Unreviewed | CVE-2022-1329 was published Apr 20, 2022

There is a missing authorization issue in the system service. Since the component does not have...
High | Unreviewed | CVE-2022-20432 was published Oct 12, 2022

There is a missing authorization issue in the system service. Since the component does not have...
High | Unreviewed | CVE-2022-20434 was published Oct 12, 2022

There is a missing authorization issue in the system service. Since the component does not have...
High | Unreviewed | CVE-2022-20431 was published Oct 12, 2022

There is a missing authorization issue in the system service. Since the component does not have...
High | Unreviewed | CVE-2022-20430 was published Oct 12, 2022

WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-dismiss-unsubscribe’, which lacked a...
High | Unreviewed | CVE-2021-42359 was published May 24, 2022

Affected devices do not properly authorize the change password function of the web interface....
High | Unreviewed | CVE-2022-31765 was published Oct 11, 2022

Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via...
High | Unreviewed | CVE-2021-37764 was published Jun 17, 2022

An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce...
High | Unreviewed | CVE-2022-32557 was published Jun 15, 2022

The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High | Unreviewed | CVE-2021-24352 was published May 24, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
High | Unreviewed | CVE-2021-1505 was published May 24, 2022

The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access...
High | Unreviewed | CVE-2020-17517 was published May 24, 2022

The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX...
High | Unreviewed | CVE-2022-1777 was published Jun 14, 2022

It has been discovered that redhat-certification does not perform an authorization check and...
High | Unreviewed | CVE-2018-10865 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability...
High | Unreviewed | CVE-2021-24356 was published May 24, 2022

The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High | Unreviewed | CVE-2021-24353 was published May 24, 2022

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service...
High | Unreviewed | CVE-2020-35756 was published May 24, 2022

Aethon TUG Home Base Server versions prior to version 24 are affected by an unauthenticated...
High | Unreviewed | CVE-2022-1066 was published Oct 21, 2022

Aethon TUG Home Base Server versions prior to version 24 are affected by an unauthenticated...
High | Unreviewed | CVE-2022-26423 was published Oct 21, 2022

KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper:...
High | Unreviewed | CVE-2022-40673 was published Sep 15, 2022

Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the...
High | Unreviewed | CVE-2020-20444 was published May 24, 2022

XWiki Platform Web Templates vulnerable to Missing Authorization, Exposure of Private Personal Information to Unauthorized Actor
High | CVE-2022-36091 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a...
High | Unreviewed | CVE-2021-27855 was published Dec 16, 2021

OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/...
High | Unreviewed | CVE-2020-13422 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.