Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

463 advisories

Loading
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper... Moderate Unreviewed
CVE-2018-10211 was published May 13, 2022
In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the... High Unreviewed
CVE-2018-16608 was published May 13, 2022
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive... Moderate Unreviewed
CVE-2022-27247 was published May 14, 2022
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and... Moderate Unreviewed
CVE-2022-1425 was published May 17, 2022
EC-CUBE vulnerable to authorization bypass Moderate
CVE-2014-0808 was published for ec-cube/ec-cube (Composer) May 17, 2022
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0... Moderate Unreviewed
CVE-2022-29434 was published May 21, 2022
Publify has Improper Access Controls Moderate
CVE-2022-1810 was published for publify_core (RubyGems) May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before... Moderate Unreviewed
CVE-2018-18976 was published May 24, 2022
Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account,... High Unreviewed
CVE-2019-12742 was published May 24, 2022
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was... Critical Unreviewed
CVE-2019-12866 was published May 24, 2022
Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to... Moderate Unreviewed
CVE-2019-5966 was published May 24, 2022
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 ... High Unreviewed
CVE-2019-12782 was published May 24, 2022
In WESEEK GROWI before 3.5.0, the site-wide basic authentication can be bypassed by adding a URL... High Unreviewed
CVE-2019-13337 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can... High Unreviewed
CVE-2019-13605 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass... Critical Unreviewed
CVE-2019-13360 was published May 24, 2022
Magento 2 Community Edition IDOR Vulnerability High
CVE-2019-7854 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition IDOR Vulnerability Moderate
CVE-2019-7864 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition IDOR Vulnerability High
CVE-2019-7890 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Access Control Bypass High
CVE-2019-7950 was published for magento/community-edition (Composer) May 24, 2022
The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to... High Unreviewed
CVE-2019-14932 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... Moderate Unreviewed
CVE-2019-14246 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... Moderate Unreviewed
CVE-2019-14245 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... Moderate Unreviewed
CVE-2019-14721 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... High Unreviewed
CVE-2019-14724 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... Moderate Unreviewed
CVE-2019-14725 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API