GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22 advisories
Filter by severity
Navigating to a specific URL with a patient ID number will result in the server generating a PDF...
Moderate
Unreviewed
CVE-2022-1067
was published
Apr 12, 2022
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions...
Moderate
Unreviewed
CVE-2021-32958
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
Moderate
Unreviewed
CVE-2020-15633
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2020-17409
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2020-27863
was published
May 24, 2022
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry...
Moderate
Unreviewed
CVE-2022-23725
was published
Jul 1, 2022
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service...
Moderate
Unreviewed
CVE-2022-23719
was published
Jul 1, 2022
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series...
Moderate
Unreviewed
CVE-2023-20018
was published
Jan 20, 2023
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be...
Moderate
Unreviewed
CVE-2022-40725
was published
Apr 25, 2023
A vulnerability in the social login configuration option for the guest users of Cisco Business...
Moderate
Unreviewed
CVE-2023-20003
was published
May 18, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass...
Moderate
Unreviewed
CVE-2022-36249
was published
May 30, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
Moderate
Unreviewed
CVE-2021-4373
was published
Jun 7, 2023
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource...
Moderate
Unreviewed
CVE-2023-30946
was published
Jun 29, 2023
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi...
Moderate
Unreviewed
CVE-2023-4957
was published
Oct 11, 2023
The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2021-4353
was published
Oct 20, 2023
PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring...
Moderate
Unreviewed
CVE-2023-39231
was published
Oct 25, 2023
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2023-20247
was published
Nov 1, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16...
Moderate
Unreviewed
CVE-2024-1525
was published
Feb 22, 2024
The affected product is vulnerable to an attacker modifying the bootloader by using custom...
Moderate
Unreviewed
CVE-2024-38279
was published
Jun 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics...
Moderate
Unreviewed
CVE-2024-5620
was published
Jul 18, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
The web server of affected devices do not properly authenticate user request to the '/ClientArea...
Moderate
Unreviewed
CVE-2024-46887
was published
Oct 8, 2024
ProTip!
Advisories are also available from the
GraphQL API