GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110 advisories

Filter by severity

Sort by

Least recently updated

All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed

CVE-2021-24831 was published Jan 4, 2022

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture... Moderate Unreviewed

CVE-2021-24046 was published Jan 15, 2022

Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022... Moderate Unreviewed

CVE-2022-24932 was published Mar 11, 2022

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure... Moderate Unreviewed

CVE-2022-24385 was published Mar 15, 2022

A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed

CVE-2022-1077 was published Mar 30, 2022

A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP... High Unreviewed

CVE-2022-27480 was published Apr 13, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.... High Unreviewed

CVE-2021-34588 was published Apr 28, 2022

Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system... High Unreviewed

CVE-2004-2144 was published Apr 29, 2022

phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images... Moderate Unreviewed

CVE-2004-2257 was published Apr 29, 2022

MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files... Moderate Unreviewed

CVE-2002-1798 was published Apr 30, 2022

Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users... High Unreviewed

CVE-2005-1654 was published May 1, 2022

YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to... High Unreviewed

CVE-2005-1668 was published May 1, 2022

episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct... High Unreviewed

CVE-2005-1685 was published May 1, 2022

Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed

CVE-2005-1688 was published May 1, 2022

PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed

CVE-2005-1698 was published May 1, 2022

The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive... Moderate Unreviewed

CVE-2005-1697 was published May 1, 2022

D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as... High Unreviewed

CVE-2005-1827 was published May 1, 2022

FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive... Moderate Unreviewed

CVE-2005-1892 was published May 1, 2022

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software... Moderate Unreviewed

CVE-2015-2873 was published May 13, 2022

Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the... Critical Unreviewed

CVE-2019-9552 was published May 13, 2022

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2... Critical Unreviewed

CVE-2017-14244 was published May 13, 2022

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote,... High Unreviewed

CVE-2019-3917 was published May 13, 2022

Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass... High Unreviewed

CVE-2019-6551 was published May 13, 2022

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed

CVE-2018-0266 was published May 13, 2022

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed

CVE-2018-0267 was published May 13, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

110 advisories