Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

121 advisories

Loading
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed
CVE-2005-1688 was published May 1, 2022
The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2005-1697 was published May 1, 2022
Missing Authorization in Jenkins Moderate
CVE-2019-10354 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
dot-prop Prototype Pollution vulnerability High
CVE-2020-8116 was published for dot-prop (npm) Jul 29, 2020
Wagtail vulnerable to disclosure of user names via admin bulk action views Low
CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023
quyenheu
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic.... Moderate Unreviewed
CVE-2023-5702 was published Oct 23, 2023
A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects... Moderate Unreviewed
CVE-2023-2524 was published May 4, 2023
A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-3792 was published Jul 20, 2023
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as... Moderate Unreviewed
CVE-2023-5786 was published Oct 26, 2023
Showdoc Unauthenticated Access Moderate
CVE-2018-19620 was published for showdoc/showdoc (Composer) May 13, 2022
Open Redirect in url-parse Critical
CVE-2018-3774 was published for url-parse (npm) Aug 13, 2018
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed
CVE-2021-24831 was published Jan 4, 2022
The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to... Moderate Unreviewed
CVE-2022-1551 was published Jul 26, 2022
The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's... Moderate Unreviewed
CVE-2022-4057 was published Jan 3, 2023
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP... High Unreviewed
CVE-2022-27480 was published Apr 13, 2022
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022... Moderate Unreviewed
CVE-2022-24932 was published Mar 11, 2022
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed
CVE-2022-1077 was published Mar 30, 2022
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information ... Moderate Unreviewed
CVE-2020-35391 was published May 24, 2022
Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes... Moderate Unreviewed
CVE-2023-1663 was published Mar 29, 2023
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed
CVE-2023-1682 was published Mar 29, 2023
Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This... Critical Unreviewed
CVE-2023-1699 was published Mar 30, 2023
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or... High Unreviewed
CVE-2019-14347 was published May 24, 2022
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture... Moderate Unreviewed
CVE-2021-24046 was published Jan 15, 2022
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to... Critical Unreviewed
CVE-2022-41746 was published Oct 11, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,... High Unreviewed
CVE-2018-7526 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database