GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
358 advisories
Filter by severity
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper...
Moderate
Unreviewed
CVE-2021-21096
was published
May 24, 2022
The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to...
High
Unreviewed
CVE-2021-24739
was published
Dec 22, 2021
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does...
Moderate
Unreviewed
CVE-2020-1690
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24193
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High
Unreviewed
CVE-2021-24191
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24195
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24194
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24192
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24190
was published
May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the...
Critical
Unreviewed
CVE-2021-41974
was published
May 24, 2022
Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to...
Critical
Unreviewed
CVE-2021-32523
was published
May 24, 2022
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization...
Moderate
Unreviewed
CVE-2022-30670
was published
Jun 17, 2022
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and...
High
Unreviewed
CVE-2021-39341
was published
May 24, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14...
Moderate
Unreviewed
CVE-2016-9938
was published
May 17, 2022
Improper Authorization in GitHub repository saltstack/salt prior to 3004.2.
Unknown
Unreviewed
CVE-2022-2282
was published
Jul 2, 2022
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High
Unreviewed
CVE-2014-9945
was published
May 17, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones...
Moderate
Unreviewed
CVE-2016-8776
was published
May 17, 2022
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High
Unreviewed
CVE-2014-9950
was published
May 17, 2022
A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers...
High
Unreviewed
CVE-2016-9217
was published
May 17, 2022
Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1.
Critical
Unreviewed
CVE-2022-2595
was published
Aug 2, 2022
Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to...
High
Unreviewed
CVE-2016-8443
was published
May 17, 2022
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do...
Critical
Unreviewed
CVE-2016-5799
was published
May 17, 2022
EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which...
Critical
Unreviewed
CVE-2016-0922
was published
May 17, 2022
The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers...
High
Unreviewed
CVE-2016-7143
was published
May 17, 2022
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon...
High
Unreviewed
CVE-2016-4531
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API