GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,414

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,997 advisories

Filter by severity

Sort by

Least recently updated

Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a... Moderate Unreviewed

CVE-2021-26262 was published Nov 20, 2021

Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation... High Unreviewed

CVE-2021-43019 was published Nov 24, 2021

The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the... Moderate Unreviewed

CVE-2021-24703 was published Nov 24, 2021

Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to... High Unreviewed

CVE-2020-10627 was published Dec 2, 2021

The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user... Moderate Unreviewed

CVE-2021-24859 was published Dec 14, 2021

The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with... Moderate Unreviewed

CVE-2021-24845 was published Dec 14, 2021

peertube is vulnerable to Improper Access Control High Unreviewed

CVE-2022-0133 was published Jan 11, 2022

peertube is vulnerable to Improper Access Control Moderate Unreviewed

CVE-2022-0170 was published Jan 12, 2022

The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed

CVE-2021-24906 was published Jan 25, 2022

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor... Moderate Unreviewed

CVE-2021-24733 was published Jan 25, 2022

Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers... High Unreviewed

CVE-2022-0270 was published Jan 26, 2022

The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in... Moderate Unreviewed

CVE-2021-25097 was published Feb 2, 2022

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a... Moderate Unreviewed

CVE-2022-21816 was published Feb 8, 2022

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper... Moderate Unreviewed

CVE-2022-21813 was published Feb 8, 2022

The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF... Moderate Unreviewed

CVE-2021-24993 was published Feb 8, 2022

The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and... High Unreviewed

CVE-2021-25095 was published Feb 8, 2022

The Advanced Cron Manager WordPress plugin before 2.4.2, advanced-cron-manager-pro WordPress... Moderate Unreviewed

CVE-2021-25084 was published Feb 8, 2022

The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CRSF checks in its... Moderate Unreviewed

CVE-2021-24839 was published Feb 8, 2022

After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed

CVE-2022-23134 was published Feb 9, 2022

An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111... High Unreviewed

CVE-2022-21825 was published Feb 11, 2022

An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a... Moderate Unreviewed

CVE-2022-24924 was published Feb 12, 2022

Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China... Low Unreviewed

CVE-2022-24923 was published Feb 12, 2022

An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to... Moderate Unreviewed

CVE-2022-23994 was published Feb 12, 2022

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12)... Moderate Unreviewed

CVE-2022-23433 was published Feb 12, 2022

The backend infrastructure shared by multiple mobile device monitoring services does not... High Unreviewed

CVE-2022-0732 was published Feb 25, 2022

Previous 1 2 3 4 5 … 79 80 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,997 advisories