GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,905
Composer 5,452
Erlang 46
GitHub Actions 47
Go 3,340
Maven 6,338
npm 5,367
NuGet 881
pip 4,549
Pub 12
RubyGems 1,012
Rust 1,202
Swift 51

Unreviewed advisories

All unreviewed 295,465

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

325 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui... Critical Unreviewed

CVE-2022-39811 was published Jan 28, 2023

Improper Input Validation vulnerability in Eskom Bilgisayar e-Belediye allows Information... Critical Unreviewed

CVE-2023-1114 was published Mar 1, 2023

onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the... Critical Unreviewed

CVE-2023-26957 was published Mar 9, 2023

Access control issue in ezsystems/ezpublish-kernel Critical

CVE-2022-48367 was published for ezsystems/ezpublish-kernel (Composer) Mar 12, 2023

The Akuvox E11 libvoice library provides unauthenticated access to the camera capture for image... Critical Unreviewed

CVE-2023-0349 was published Mar 13, 2023

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740,... Critical Unreviewed

CVE-2023-27269 was published Mar 14, 2023

THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to,... Critical Unreviewed

CVE-2022-4939 was published Apr 5, 2023

Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app,... Critical Unreviewed

CVE-2023-2193 was published Apr 20, 2023

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary... Critical Unreviewed

CVE-2020-36719 was published Jun 7, 2023

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to,... Critical Unreviewed

CVE-2019-25141 was published Jun 7, 2023

The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on... Critical Unreviewed

CVE-2020-36730 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing... Critical Unreviewed

CVE-2021-4341 was published Jun 7, 2023

The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated... Critical Unreviewed

CVE-2021-4343 was published Jun 7, 2023

The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing... Critical Unreviewed

CVE-2021-4362 was published Jun 7, 2023

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File... Critical Unreviewed

CVE-2021-4356 was published Jun 7, 2023

The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in... Critical Unreviewed

CVE-2021-4374 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass as most actions and... Critical Unreviewed

CVE-2021-4370 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to... Critical Unreviewed

CVE-2021-4381 was published Jun 7, 2023

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing... Critical Unreviewed

CVE-2023-0291 was published Jun 9, 2023

The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user... Critical Unreviewed

CVE-2023-3076 was published Jul 10, 2023

Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege... Critical Unreviewed

CVE-2023-26301 was published Jul 21, 2023

The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data,... Critical Unreviewed

CVE-2023-3956 was published Jul 27, 2023

In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing... Critical Unreviewed

CVE-2023-36140 was published Sep 11, 2023

An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain... Critical Unreviewed

CVE-2023-39073 was published Sep 13, 2023

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing... Critical Unreviewed

CVE-2023-40309 was published Sep 15, 2023

Previous 1…5…13 Next

Previous 1 2 3 4 5 6 7 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

325 advisories