Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,606 advisories

Loading
A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical.... Critical Unreviewed
CVE-2015-10057 was published Jan 16, 2023
An unauthorized user could possibly delete any file on the system. High Unreviewed
CVE-2022-46331 was published Jan 18, 2023
All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by... Critical Unreviewed
CVE-2018-7364 was published May 13, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up... High Unreviewed
CVE-2022-0815 was published Mar 12, 2022
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on... Moderate Unreviewed
CVE-2015-5746 was published May 17, 2022
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16. Moderate Unreviewed
CVE-2022-0405 was published Apr 4, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing... High Unreviewed
CVE-2015-3806 was published May 17, 2022
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent... Moderate Unreviewed
CVE-2021-1515 was published May 24, 2022
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials.... Moderate Unreviewed
CVE-2020-25634 was published May 24, 2022
Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1... Moderate Unreviewed
CVE-2022-29417 was published Apr 26, 2022
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6... High Unreviewed
CVE-2021-21083 was published May 24, 2022
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when... Moderate Unreviewed
CVE-2020-27831 was published May 24, 2022
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated,... Moderate Unreviewed
CVE-2021-1449 was published May 24, 2022
The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a... Critical Unreviewed
CVE-2022-0541 was published Apr 26, 2022
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier)... High Unreviewed
CVE-2021-21045 was published May 24, 2022
The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and... Moderate Unreviewed
CVE-2021-24730 was published Mar 1, 2022
The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with... Moderate Unreviewed
CVE-2021-24845 was published Dec 14, 2021
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and... Moderate Unreviewed
CVE-2015-3152 was published May 14, 2022
Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a... Moderate Unreviewed
CVE-2021-26262 was published Nov 20, 2021
The Weintek cMT product line is vulnerable to various improper access controls, which may allow... Critical Unreviewed
CVE-2021-27444 was published May 17, 2022
Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a... High Unreviewed
CVE-2022-1261 was published May 27, 2022
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior... Moderate Unreviewed
CVE-2020-14312 was published May 24, 2022
The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and... Critical Unreviewed
CVE-2022-25932 was published Nov 9, 2022
A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software... High Unreviewed
CVE-2021-1284 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API