GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
357 advisories
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper...
Moderate | Unreviewed | CVE-2021-21096 was published May 24, 2022

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to...
High | Unreviewed | CVE-2021-24739 was published Dec 22, 2021

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does...
Moderate | Unreviewed | CVE-2020-1690 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24193 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High | Unreviewed | CVE-2021-24191 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24195 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24194 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24192 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High | Unreviewed | CVE-2021-24190 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the...
Critical | Unreviewed | CVE-2021-41974 was published May 24, 2022

Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to...
Critical | Unreviewed | CVE-2021-32523 was published May 24, 2022

RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization...
Moderate | Unreviewed | CVE-2022-30670 was published Jun 17, 2022

The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and...
High | Unreviewed | CVE-2021-39341 was published May 24, 2022

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14...
Moderate | Unreviewed | CVE-2016-9938 was published May 17, 2022

Improper Authorization in GitHub repository saltstack/salt prior to 3004.2.
Unknown | Unreviewed | CVE-2022-2282 was published Jul 2, 2022

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High | Unreviewed | CVE-2014-9945 was published May 17, 2022

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones...
Moderate | Unreviewed | CVE-2016-8776 was published May 17, 2022

In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High | Unreviewed | CVE-2014-9950 was published May 17, 2022

A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers...
High | Unreviewed | CVE-2016-9217 was published May 17, 2022

Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1.
Critical | Unreviewed | CVE-2022-2595 was published Aug 2, 2022

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to...
High | Unreviewed | CVE-2016-8443 was published May 17, 2022

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do...
Critical | Unreviewed | CVE-2016-5799 was published May 17, 2022

EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which...
Critical | Unreviewed | CVE-2016-0922 was published May 17, 2022

The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers...
High | Unreviewed | CVE-2016-7143 was published May 17, 2022

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon...
High | Unreviewed | CVE-2016-4531 was published May 17, 2022