Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

120 advisories

Loading
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure... Moderate Unreviewed
CVE-2022-24385 was published Mar 15, 2022
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of... High Unreviewed
CVE-2020-10181 was published May 24, 2022
The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the... Moderate Unreviewed
CVE-2021-24238 was published May 24, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device,... High Unreviewed
CVE-2022-31480 was published Jun 7, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the... High Unreviewed
CVE-2022-31484 was published Jun 7, 2022
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress... Critical Unreviewed
CVE-2021-24215 was published May 24, 2022
A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1... High Unreviewed
CVE-2021-44582 was published Jun 11, 2022
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of... Moderate Unreviewed
CVE-2022-31485 was published Jun 7, 2022
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location,... High Unreviewed
CVE-2021-24695 was published May 24, 2022
Token bruteforcing. Moderate
CVE-2022-29238 was published for notebook (pip) Jun 16, 2022
rashley-iqt
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with... High Unreviewed
CVE-2022-2192 was published Jul 20, 2022
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores... High Unreviewed
CVE-2022-2544 was published Aug 23, 2022
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated... High Unreviewed
CVE-2022-2551 was published Aug 23, 2022
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon... Moderate Unreviewed
CVE-2020-7541 was published May 24, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.... High Unreviewed
CVE-2021-34588 was published Apr 28, 2022
Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software... Moderate Unreviewed
CVE-2015-2873 was published May 13, 2022
Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the... Critical Unreviewed
CVE-2019-9552 was published May 13, 2022
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2... Critical Unreviewed
CVE-2017-14244 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote,... High Unreviewed
CVE-2019-3917 was published May 13, 2022
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass... High Unreviewed
CVE-2019-6551 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0198 was published May 13, 2022
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content... Moderate Unreviewed
CVE-2018-0140 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0267 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0266 was published May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2018-0105 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database