Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,747
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as... Moderate Unreviewed
CVE-2023-5786 was published Oct 26, 2023
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic.... Moderate Unreviewed
CVE-2023-5702 was published Oct 23, 2023
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that... Moderate Unreviewed
CVE-2023-4800 was published Oct 16, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5,... Moderate Unreviewed
CVE-2023-4018 was published Sep 1, 2023
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230809. It... Moderate Unreviewed
CVE-2023-4544 was published Aug 26, 2023
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update... Moderate Unreviewed
CVE-2023-3426 was published Aug 2, 2023
A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-3792 was published Jul 20, 2023
An unauthenticated user can access Identity Manager’s management console specific page URLs.... Moderate Unreviewed
CVE-2022-25626 was published Jul 6, 2023
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a... Moderate Unreviewed
CVE-2015-1313 was published Jun 29, 2023
The Contour Service was not checking that users had permission to create an analysis for a given... Moderate Unreviewed
CVE-2023-22834 was published Jun 27, 2023
When following a redirect to a publicly accessible web extension file, the URL may have been... Moderate Unreviewed
CVE-2023-28160 was published Jun 2, 2023
A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects... Moderate Unreviewed
CVE-2023-2524 was published May 4, 2023
Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes... Moderate Unreviewed
CVE-2023-1663 was published Mar 29, 2023
The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's... Moderate Unreviewed
CVE-2022-4057 was published Jan 3, 2023
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure... Moderate Unreviewed
CVE-2022-40845 was published Nov 15, 2022
In Simple Exam Reviewer Management System v1.0 the User List function has improper access control... Moderate Unreviewed
CVE-2022-42197 was published Oct 20, 2022
The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to... Moderate Unreviewed
CVE-2022-1551 was published Jul 26, 2022
Token bruteforcing. Moderate
CVE-2022-29238 was published for notebook (pip) Jun 16, 2022
rashley-iqt
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of... Moderate Unreviewed
CVE-2022-31485 was published Jun 7, 2022
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted... Moderate Unreviewed
CVE-2021-26085 was published May 24, 2022
The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the... Moderate Unreviewed
CVE-2021-24238 was published May 24, 2022
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An... Moderate Unreviewed
CVE-2020-35570 was published May 24, 2022
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information ... Moderate Unreviewed
CVE-2020-35391 was published May 24, 2022
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon... Moderate Unreviewed
CVE-2020-7541 was published May 24, 2022
In affected Ops Manager versions there is an exposed http route was that may allow attackers to... Moderate Unreviewed
CVE-2019-2388 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database