Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,454
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,693 advisories

Loading
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
Missing permission checks in Jekins Bitbucket Server Integration Plugin Moderate
CVE-2022-28134 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins RocketChat Notifier Plugin Moderate
CVE-2022-28139 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Mar 30, 2022
NotMyFault tdunlap607
Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and... Moderate Unreviewed
CVE-2022-23183 was published Apr 1, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed
CVE-2022-0837 was published Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed
CVE-2022-0404 was published Apr 5, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed
CVE-2022-0825 was published Apr 5, 2022
The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper... Moderate Unreviewed
CVE-2022-0919 was published Apr 12, 2022
Missing permission checks in Jenkins Publish Over FTP Plugin Moderate
CVE-2022-29051 was published for org.jenkins-ci.plugins:publish-over-ftp (Maven) Apr 13, 2022
westonsteimel
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any... Moderate Unreviewed
CVE-2022-1054 was published Apr 19, 2022
The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its... Moderate Unreviewed
CVE-2022-1092 was published Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have... Moderate Unreviewed
CVE-2022-0398 was published Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization... Moderate Unreviewed
CVE-2022-0634 was published Apr 26, 2022
The myCred WordPress plugin before 2.4.3.1 does not have any authorisation in place in its mycred... Moderate Unreviewed
CVE-2022-0287 was published Apr 26, 2022
The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the... Moderate Unreviewed
CVE-2022-0363 was published Apr 26, 2022
Improper Access Control in snipe/snipe-it Moderate
CVE-2022-1511 was published for snipe/snipe-it (Composer) Apr 29, 2022
Various administrative external system import resources in Atlassian JIRA Server (including JIRA... Moderate Unreviewed
CVE-2017-18101 was published Apr 30, 2022
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting... Moderate Unreviewed
CVE-2005-3623 was published May 1, 2022
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris... Moderate Unreviewed
CVE-2009-2282 was published May 2, 2022
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin... Moderate Unreviewed
CVE-2009-3168 was published May 2, 2022
In aee daemon, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-20102 was published May 4, 2022
Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice... Moderate Unreviewed
CVE-2022-28789 was published May 4, 2022
In aee daemon, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-20098 was published May 4, 2022
In aee daemon, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-20100 was published May 4, 2022
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not... Moderate Unreviewed
CVE-2013-4226 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database