GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,231

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

140 advisories

Filter by severity

Sort by

Least recently updated

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to... High Unreviewed

CVE-2021-24739 was published Dec 22, 2021

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24193 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed

CVE-2021-24191 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24195 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24194 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24192 was published May 24, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed

CVE-2021-24190 was published May 24, 2022

The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and... High Unreviewed

CVE-2021-39341 was published May 24, 2022

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization... High Unreviewed

CVE-2014-9945 was published May 17, 2022

In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization... High Unreviewed

CVE-2014-9950 was published May 17, 2022

A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers... High Unreviewed

CVE-2016-9217 was published May 17, 2022

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to... High Unreviewed

CVE-2016-8443 was published May 17, 2022

The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers... High Unreviewed

CVE-2016-7143 was published May 17, 2022

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon... High Unreviewed

CVE-2016-4531 was published May 17, 2022

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting... High Unreviewed

CVE-2022-2536 was published Dec 15, 2022

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed

CVE-2021-24188 was published May 24, 2022

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level... High Unreviewed

CVE-2021-43939 was published Apr 29, 2022

A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical... High Unreviewed

CVE-2022-4879 was published Jan 6, 2023

An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to... High Unreviewed

CVE-2017-8409 was published May 24, 2022

The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in... High Unreviewed

CVE-2022-4701 was published Jan 10, 2023

A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure... High Unreviewed

CVE-2020-27779 was published May 24, 2022

Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged... High Unreviewed

CVE-2022-2661 was published Aug 17, 2022

The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34... High Unreviewed

CVE-2021-24311 was published May 24, 2022

The management page of the Orca HCM digital learning platform does not perform identity... High Unreviewed

CVE-2021-35964 was published May 24, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self... High Unreviewed

CVE-2021-38486 was published May 24, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

140 advisories