GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
160 advisories
Filter by severity
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not...
Critical
Unreviewed
CVE-2021-24915
was published
Nov 30, 2021
taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line...
Critical
Unreviewed
CVE-2021-45015
was published
Dec 15, 2021
FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an...
Critical
Unreviewed
CVE-2021-27856
was published
Dec 16, 2021
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise...
Critical
Unreviewed
CVE-2021-36888
was published
Dec 16, 2021
An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily...
Critical
Unreviewed
CVE-2020-20944
was published
Dec 28, 2021
The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro...
Critical
Unreviewed
CVE-2021-25032
was published
Jan 11, 2022
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is...
Critical
Unreviewed
CVE-2022-0543
was published
Feb 19, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-22448
was published
Feb 26, 2022
Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected...
Critical
Unreviewed
CVE-2022-24595
was published
Mar 19, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of...
Critical
Unreviewed
CVE-2021-45878
was published
Mar 22, 2022
Hospital Management System v1.0 was discovered to lack an authorization component, allowing...
Critical
Unreviewed
CVE-2022-26546
was published
Apr 1, 2022
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various...
Critical
Unreviewed
CVE-2021-43938
was published
Apr 30, 2022
Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass
Critical
Unreviewed
CVE-2013-3960
was published
May 5, 2022
An missing authorization vulnerability has been reported to affect QNAP device running Video...
Critical
Unreviewed
CVE-2021-44055
was published
May 6, 2022
An exploitable unsafe default configuration vulnerability exists in the TURN server function of...
Critical
Unreviewed
CVE-2018-4059
was published
May 13, 2022
An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config...
Critical
Unreviewed
CVE-2019-9002
was published
May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the...
Critical
Unreviewed
CVE-2018-16591
was published
May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper...
Critical
Unreviewed
CVE-2018-18996
was published
May 13, 2022
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P...
Critical
Unreviewed
CVE-2017-12582
was published
May 13, 2022
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an...
Critical
Unreviewed
CVE-2017-6622
was published
May 13, 2022
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center...
Critical
Unreviewed
CVE-2017-6639
was published
May 13, 2022
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without...
Critical
Unreviewed
CVE-2017-9232
was published
May 13, 2022
A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web...
Critical
Unreviewed
CVE-2018-11541
was published
May 13, 2022
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the...
Critical
Unreviewed
CVE-2018-5377
was published
May 13, 2022
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in...
Critical
Unreviewed
CVE-2018-6000
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API