GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
160 advisories
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress...
Critical, Unreviewed. CVE-2023-6875 was published Jan 11, 2024

An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via...
Critical, Unreviewed. CVE-2023-47458 was published Jan 2, 2024

The affiliate-toolkit WordPress plugin before 3.4.3 lacks authorization and authentication for...
Critical, Unreviewed. CVE-2023-5877 was published Jan 1, 2024

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the...
Critical, Unreviewed. CVE-2023-50976 was published Dec 18, 2023

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity...
Critical, Unreviewed. CVE-2023-48417 was published Dec 11, 2023

An issue was discovered in the Boomerang Parental Control application through 13.83 for Android....
Critical, Unreviewed. CVE-2023-36621 was published Nov 3, 2023

The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to...
Critical, Unreviewed. CVE-2023-5533 was published Oct 20, 2023

A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN...
Critical, Unreviewed. CVE-2023-20252 was published Sep 27, 2023

Vulnerability of missing authorization in the kernel module. Successful exploitation of this...
Critical, Unreviewed. CVE-2023-41296 was published Sep 25, 2023

There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel...
Critical, Unreviewed. CVE-2023-43135 was published Sep 21, 2023

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows...
Critical, Unreviewed. CVE-2023-43134 was published Sep 20, 2023

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods...
Critical, Unreviewed. CVE-2023-0923 was published Sep 15, 2023

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing...
Critical, Unreviewed. CVE-2023-40309 was published Sep 15, 2023

An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain...
Critical, Unreviewed. CVE-2023-39073 was published Sep 13, 2023

In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing...
Critical, Unreviewed. CVE-2023-36140 was published Sep 11, 2023

The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data,...
Critical, Unreviewed. CVE-2023-3956 was published Jul 27, 2023

Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege...
Critical, Unreviewed. CVE-2023-26301 was published Jul 21, 2023

The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user...
Critical, Unreviewed. CVE-2023-3076 was published Jul 10, 2023

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing...
Critical, Unreviewed. CVE-2023-0291 was published Jun 9, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass as most actions and...
Critical, Unreviewed. CVE-2021-4370 was published Jun 7, 2023

The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in...
Critical, Unreviewed. CVE-2021-4374 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to...
Critical, Unreviewed. CVE-2021-4381 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing...
Critical, Unreviewed. CVE-2021-4341 was published Jun 7, 2023

The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated...
Critical, Unreviewed. CVE-2021-4343 was published Jun 7, 2023

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File...
Critical, Unreviewed. CVE-2021-4356 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API.