Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,082 advisories

Loading
The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in... Moderate Unreviewed
CVE-2021-24950 was published Mar 15, 2022
Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701... Moderate Unreviewed
CVE-2022-26102 was published Mar 11, 2022
Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an... Moderate Unreviewed
CVE-2022-26103 was published Mar 11, 2022
SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for... Moderate Unreviewed
CVE-2022-26104 was published Mar 11, 2022
The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in... High Unreviewed
CVE-2021-25087 was published Mar 8, 2022
The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its... Moderate Unreviewed
CVE-2022-0163 was published Mar 8, 2022
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed
CVE-2022-0755 was published Mar 8, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed
CVE-2022-0756 was published Mar 8, 2022
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an... High Unreviewed
CVE-2021-46378 was published Mar 5, 2022
A flaw was discovered in Kibana in which users with Read access to the Uptime feature could... Moderate Unreviewed
CVE-2022-23709 was published Mar 4, 2022
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have... Moderate Unreviewed
CVE-2021-25042 was published Mar 1, 2022
The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any... Moderate Unreviewed
CVE-2021-24977 was published Mar 1, 2022
The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper... Moderate Unreviewed
CVE-2021-25011 was published Mar 1, 2022
The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have... Moderate Unreviewed
CVE-2022-0345 was published Mar 1, 2022
KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename... High Unreviewed
CVE-2022-24986 was published Feb 27, 2022
In waline 1.6.1, an attacker can submit messages using X-Forwarded-For to forge any IP address. Moderate Unreviewed
CVE-2022-24594 was published Feb 26, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this... Critical Unreviewed
CVE-2021-22448 was published Feb 26, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed
CVE-2022-0726 was published Feb 24, 2022
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has... Low Unreviewed
CVE-2021-25075 was published Feb 22, 2022
PreMiD 2.2.0 allows unintended access via the websocket transport. An attacker can receive events... Moderate Unreviewed
CVE-2021-46701 was published Feb 21, 2022
A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support... High Unreviewed
CVE-2020-25718 was published Feb 19, 2022
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is... Critical Unreviewed
CVE-2022-0543 was published Feb 19, 2022
Missing Authorization in Eclipse Che Moderate Unreviewed
CVE-2020-10689 was published Feb 15, 2022
The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks... Moderate Unreviewed
CVE-2021-25018 was published Feb 15, 2022
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the... Low Unreviewed
CVE-2021-25014 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database