GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,253 advisories
In cell service, there is a missing permission check. This could lead to local denial of service...
CVE-2022-38677 (Moderate, Unreviewed) was published Oct 15, 2022
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests.
CVE-2022-35136 (Moderate, Unreviewed) was published Oct 14, 2022
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to...
CVE-2022-3124 (Moderate, Unreviewed) was published Oct 4, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query...
CVE-2020-15337 (Moderate, Unreviewed) was published Sep 30, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query...
CVE-2020-15338 (Moderate, Unreviewed) was published Sep 30, 2022
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0...
CVE-2022-3048 (Moderate, Unreviewed) was published Sep 27, 2022
A tenant administrator Hitachi Content Platform (HCP) may modify the configuration in another...
CVE-2021-28052 (Moderate, Unreviewed) was published Sep 27, 2022
A information disclosure vulnerability exists in Rocket.Chat <v5 where the...
CVE-2022-35249 (Moderate, Unreviewed) was published Sep 25, 2022
A information disclosure vulnerability exists in Rocket.chat <v5, <v4.8.2 and <v4.7.5 where the...
CVE-2022-35247 (Moderate, Unreviewed) was published Sep 25, 2022
Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at...
CVE-2022-36340 (Moderate, Unreviewed) was published Sep 25, 2022
An information disclosure vulnerability exists in Rocket.Chat <v5 due to the...
CVE-2022-32220 (Moderate, Unreviewed) was published Sep 25, 2022
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization...
CVE-2022-39960 (Moderate, Unreviewed) was published Sep 18, 2022
In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth,...
CVE-2022-20396 (Moderate, Unreviewed) was published Sep 14, 2022
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting...
CVE-2022-2461 (Moderate, Unreviewed) was published Sep 7, 2022
The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have...
CVE-2022-2543 (Moderate, Unreviewed) was published Sep 6, 2022
The Directorist WordPress plugin before 7.3.1 discloses the email address of all users in an AJAX...
CVE-2022-2376 (Moderate, Unreviewed) was published Sep 6, 2022
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization...
CVE-2022-38367 (Moderate, Unreviewed) was published Sep 6, 2022
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its...
CVE-2022-2034 (Moderate, Unreviewed) was published Aug 29, 2022
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a...
CVE-2022-2373 (Moderate, Unreviewed) was published Aug 29, 2022
The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before...
CVE-2022-2552 (Moderate, Unreviewed) was published Aug 23, 2022
The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive...
CVE-2022-25810 (Moderate, Unreviewed) was published Aug 23, 2022
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of...
CVE-2022-32768 (Moderate, Unreviewed) was published Aug 23, 2022
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of...
CVE-2022-32769 (Moderate, Unreviewed) was published Aug 23, 2022
The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to...
CVE-2022-1323 (Moderate, Unreviewed) was published Aug 9, 2022
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1...
CVE-2022-33734 (Moderate, Unreviewed) was published Aug 6, 2022
ProTip! Advisories are also available from the GraphQL API.