GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
210 advisories
Filter by severity
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High
Unreviewed
CVE-2021-24191
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24192
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High
Unreviewed
CVE-2021-24188
was published
May 24, 2022
The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34...
High
Unreviewed
CVE-2021-24311
was published
May 24, 2022
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the...
High
Unreviewed
CVE-2021-41975
was published
May 24, 2022
Versions up to, and including, 1.0.6, of the Access Demo Importer WordPress plugin are vulnerable...
High
Unreviewed
CVE-2021-39317
was published
May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self...
High
Unreviewed
CVE-2021-38486
was published
May 24, 2022
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and...
High
Unreviewed
CVE-2021-39341
was published
May 24, 2022
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary...
High
Unreviewed
CVE-2021-40502
was published
May 24, 2022
The management page of the Orca HCM digital learning platform does not perform identity...
High
Unreviewed
CVE-2021-35964
was published
May 24, 2022
The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control....
High
Unreviewed
CVE-2021-42330
was published
May 24, 2022
Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization...
High
Unreviewed
CVE-2022-26857
was published
May 27, 2022
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access...
High
Unreviewed
CVE-2022-30746
was published
Jun 8, 2022
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications...
High
Unreviewed
CVE-2022-30717
was published
Jun 8, 2022
A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0....
High
Unreviewed
CVE-2022-2019
was published
Jun 10, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it...
High
Unreviewed
CVE-2022-31609
was published
Aug 6, 2022
Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged...
High
Unreviewed
CVE-2022-2661
was published
Aug 17, 2022
Magento Improper Authorization vulnerability
High
CVE-2022-34256
was published
for
magento/community-edition
(Composer)
Aug 17, 2022
Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8.
High
Unreviewed
CVE-2022-2901
was published
Sep 7, 2022
Improper Authorization vulnerability exists in the Workplace X WebUI of the Hitachi Energy...
High
Unreviewed
CVE-2022-29490
was published
Sep 13, 2022
Netmaker vulnerable to Insufficient Granularity of Access Control
High
CVE-2022-36110
was published
for
github.com/gravitl/netmaker
(Go)
Sep 15, 2022
XWiki Platform Improper Authorization check for inactive users
High
CVE-2022-36090
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Sep 16, 2022
Harbor fails to validate the user permissions when updating tag retention policies
High
CVE-2022-31670
was published
for
github.com/goharbor/harbor
(Go)
Sep 16, 2022
Harbor fails to validate the user permissions when viewing Webhook policies
High
CVE-2022-31666
was published
for
github.com/goharbor/harbor
(Go)
Sep 16, 2022
XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference
High
CVE-2022-31167
was published
for
org.xwiki.platform:xwiki-platform-security
(Maven)
Sep 20, 2022
ProTip!
Advisories are also available from the
GraphQL API