GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
557 advisories
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate | Unreviewed | CVE-2022-3876 was published Dec 19, 2022
Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed
High | CVE-2022-4147 was published for io.quarkus:quarkus-vertx-http (Maven) Dec 6, 2022
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to...
High | Unreviewed | CVE-2017-8409 was published May 24, 2022
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical...
High | Unreviewed | CVE-2022-4879 was published Jan 6, 2023
Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level...
High | Unreviewed | CVE-2021-43939 was published Apr 29, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High | Unreviewed | CVE-2021-24188 was published May 24, 2022
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting...
High | Unreviewed | CVE-2022-2536 was published Dec 15, 2022
Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3...
Critical | Unreviewed | CVE-2016-6825 was published May 17, 2022
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon...
High | Unreviewed | CVE-2016-4531 was published May 17, 2022
The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers...
High | Unreviewed | CVE-2016-7143 was published May 17, 2022
EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which...
Critical | Unreviewed | CVE-2016-0922 was published May 17, 2022
Dynamic modification of RPyC service due to missing security check
High | CVE-2019-16328 was published for rpyc (pip) Feb 17, 2021
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do...
Critical | Unreviewed | CVE-2016-5799 was published May 17, 2022
Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to...
High | Unreviewed | CVE-2016-8443 was published May 17, 2022
Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1.
Critical | Unreviewed | CVE-2022-2595 was published Aug 2, 2022
A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers...
High | Unreviewed | CVE-2016-9217 was published May 17, 2022
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High | Unreviewed | CVE-2014-9950 was published May 17, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones...
Moderate | Unreviewed | CVE-2016-8776 was published May 17, 2022
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High | Unreviewed | CVE-2014-9945 was published May 17, 2022
XWiki users registered with email verification can self re-activate their disabled accounts
High | CVE-2021-32620 was published for org.xwiki.commons:xwiki-commons-core (Maven) May 18, 2021
Improper Authorization in Apache Shiro
Critical | CVE-2022-32532 was published for org.apache.shiro:shiro-core (Maven) Jun 30, 2022
Improper Authorization in GitHub repository saltstack/salt prior to 3004.2.
Unknown | Unreviewed | CVE-2022-2282 was published Jul 2, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14...
Moderate | Unreviewed | CVE-2016-9938 was published May 17, 2022
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and...
High | Unreviewed | CVE-2021-39341 was published May 24, 2022
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization...
Moderate | Unreviewed | CVE-2022-30670 was published Jun 17, 2022