GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,393
Composer 3,971
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,091
Pub 10
RubyGems 833
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,667

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

302 advisories

Filter by severity

Sort by

Least recently updated

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper... Moderate Unreviewed

CVE-2021-21096 was published May 24, 2022

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to... High Unreviewed

CVE-2021-24739 was published Dec 22, 2021

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does... Moderate Unreviewed

CVE-2020-1690 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24193 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed

CVE-2021-24191 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24195 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24194 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24192 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24190 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to... Critical Unreviewed

CVE-2021-32523 was published May 24, 2022

RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization... Moderate Unreviewed

CVE-2022-30670 was published Jun 17, 2022

The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and... High Unreviewed

CVE-2021-39341 was published May 24, 2022

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed

CVE-2016-9938 was published May 17, 2022

Improper Authorization in GitHub repository saltstack/salt prior to 3004.2. Unknown Unreviewed

CVE-2022-2282 was published Jul 2, 2022

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization... High Unreviewed

CVE-2014-9945 was published May 17, 2022

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones... Moderate Unreviewed

CVE-2016-8776 was published May 17, 2022

In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization... High Unreviewed

CVE-2014-9950 was published May 17, 2022

A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers... High Unreviewed

CVE-2016-9217 was published May 17, 2022

Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1. Critical Unreviewed

CVE-2022-2595 was published Aug 2, 2022

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to... High Unreviewed

CVE-2016-8443 was published May 17, 2022

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do... Critical Unreviewed

CVE-2016-5799 was published May 17, 2022

EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which... Critical Unreviewed

CVE-2016-0922 was published May 17, 2022

The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers... High Unreviewed

CVE-2016-7143 was published May 17, 2022

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon... High Unreviewed

CVE-2016-4531 was published May 17, 2022

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

302 advisories