GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
93,478 advisories
Filter by severity
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read.
High
Unreviewed
CVE-2023-33507
was published
Jul 6, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions...
High
Unreviewed
CVE-2023-32708
was published
Jul 6, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below...
High
Unreviewed
CVE-2023-32707
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Anton Skorobogatov Rus-To-Lat plugin <= 0.3...
High
Unreviewed
CVE-2023-25470
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions.
High
Unreviewed
CVE-2023-25034
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP...
High
Unreviewed
CVE-2023-32964
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Schema – All In One Schema...
High
Unreviewed
CVE-2023-25058
was published
Jul 6, 2023
Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows...
High
Unreviewed
CVE-2022-4240
was published
Jul 6, 2023
Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration
High
CVE-2023-33234
was published
for
apache-airflow-providers-cncf-kubernetes
(pip)
Jul 6, 2023
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including...
High
Unreviewed
CVE-2022-4815
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Import External Images plugin <...
High
Unreviewed
CVE-2022-46866
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in German Krutov LOGIN AND REGISTRATION ATTEMPTS...
High
Unreviewed
CVE-2022-47138
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Damir Calusic WP Basic Elements plugin <= 5.2...
High
Unreviewed
CVE-2022-47139
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Logaster Logaster Logo Generator plugin <= 1.3...
High
Unreviewed
CVE-2022-47159
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP EasyPay – Square for WordPress...
High
Unreviewed
CVE-2022-47177
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lebedel Kodex Posts likes plugin <= 2.4...
High
Unreviewed
CVE-2022-46814
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in LearningTimes BadgeOS plugin <= 3.7.1.6 versions.
High
Unreviewed
CVE-2022-41987
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions.
High
Unreviewed
CVE-2022-43490
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin <= 1.4 versions.
High
Unreviewed
CVE-2022-47149
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for...
High
Unreviewed
CVE-2022-46810
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce Products Designer plugin <=...
High
Unreviewed
CVE-2022-46856
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search...
High
Unreviewed
CVE-2022-47447
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Bulk Resize Media plugin <= 1.1...
High
Unreviewed
CVE-2022-46865
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Viadat Creations Store Locator for WordPress...
High
Unreviewed
CVE-2022-47446
was published
Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for...
High
Unreviewed
CVE-2022-46812
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API