GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,404

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

148 advisories

Filter by severity

Sort by

Least recently updated

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not... Critical Unreviewed

CVE-2021-24915 was published Nov 30, 2021

taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line... Critical Unreviewed

CVE-2021-45015 was published Dec 15, 2021

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an... Critical Unreviewed

CVE-2021-27856 was published Dec 16, 2021

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise... Critical Unreviewed

CVE-2021-36888 was published Dec 16, 2021

An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily... Critical Unreviewed

CVE-2020-20944 was published Dec 28, 2021

The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro... Critical Unreviewed

CVE-2021-25032 was published Jan 11, 2022

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is... Critical Unreviewed

CVE-2022-0543 was published Feb 19, 2022

There is an improper verification vulnerability in smartphones. Successful exploitation of this... Critical Unreviewed

CVE-2021-22448 was published Feb 26, 2022

Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected... Critical Unreviewed

CVE-2022-24595 was published Mar 19, 2022

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of... Critical Unreviewed

CVE-2021-45878 was published Mar 22, 2022

Hospital Management System v1.0 was discovered to lack an authorization component, allowing... Critical Unreviewed

CVE-2022-26546 was published Apr 1, 2022

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various... Critical Unreviewed

CVE-2021-43938 was published Apr 30, 2022

Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass Critical Unreviewed

CVE-2013-3960 was published May 5, 2022

An missing authorization vulnerability has been reported to affect QNAP device running Video... Critical Unreviewed

CVE-2021-44055 was published May 6, 2022

An exploitable unsafe default configuration vulnerability exists in the TURN server function of... Critical Unreviewed

CVE-2018-4059 was published May 13, 2022

An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config... Critical Unreviewed

CVE-2019-9002 was published May 13, 2022

FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the... Critical Unreviewed

CVE-2018-16591 was published May 13, 2022

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper... Critical Unreviewed

CVE-2018-18996 was published May 13, 2022

Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P... Critical Unreviewed

CVE-2017-12582 was published May 13, 2022

A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an... Critical Unreviewed

CVE-2017-6622 was published May 13, 2022

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center... Critical Unreviewed

CVE-2017-6639 was published May 13, 2022

Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without... Critical Unreviewed

CVE-2017-9232 was published May 13, 2022

A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web... Critical Unreviewed

CVE-2018-11541 was published May 13, 2022

Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the... Critical Unreviewed

CVE-2018-5377 was published May 13, 2022

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in... Critical Unreviewed

CVE-2018-6000 was published May 13, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

148 advisories