GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

173 advisories

Filter by severity

Sort by

Least recently updated

The Download Manager plugin for WordPress is vulnerable to unauthorized download of password... Moderate Unreviewed

CVE-2024-11768 was published Dec 19, 2024

SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an... Moderate Unreviewed

CVE-2024-21987 was published Feb 16, 2024

A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This... Moderate Unreviewed

CVE-2024-12483 was published Dec 12, 2024

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization... Moderate Unreviewed

CVE-2024-43729 was published Dec 11, 2024

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization... Moderate Unreviewed

CVE-2024-43731 was published Dec 11, 2024

Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16. Moderate Unreviewed

CVE-2022-0406 was published Apr 4, 2022

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM)... Moderate Unreviewed

CVE-2020-3539 was published Nov 18, 2024

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This... Moderate Unreviewed

CVE-2024-10598 was published Nov 1, 2024

Improper authorization in some Intel(R) PM software may allow a privileged user to potentially... Moderate Unreviewed

CVE-2023-38135 was published Oct 25, 2024

The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Moderate Unreviewed

CVE-2024-9531 was published Oct 24, 2024

Certain configuration available in the communication channel for encoders could expose sensitive... Moderate Unreviewed

CVE-2024-22388 was published Feb 7, 2024

Information disclosure while sending implicit broadcast containing APP launch information. Moderate Unreviewed

CVE-2024-38425 was published Oct 7, 2024

The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a... Moderate Unreviewed

CVE-2020-36841 was published Oct 16, 2024

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could... Moderate Unreviewed

CVE-2024-23806 was published Feb 7, 2024

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin... Moderate Unreviewed

CVE-2024-5053 was published Sep 1, 2024

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3,... Moderate Unreviewed

CVE-2023-6564 was published Feb 8, 2024

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7... Moderate Unreviewed

CVE-2024-0456 was published Jan 26, 2024

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4,... Moderate Unreviewed

CVE-2023-5061 was published Dec 15, 2023

An improper authorization issue has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed

CVE-2023-2233 was published Sep 29, 2023

An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6... Moderate Unreviewed

CVE-2024-0861 was published Feb 22, 2024

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow... Moderate Unreviewed

CVE-2024-20414 was published Sep 25, 2024

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low... Moderate Unreviewed

CVE-2024-20441 was published Oct 2, 2024

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been... Moderate Unreviewed

CVE-2024-9297 was published Sep 28, 2024

SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does... Moderate Unreviewed

CVE-2024-21736 was published Jan 9, 2024

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as... Moderate Unreviewed

CVE-2024-9082 was published Sep 22, 2024

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

173 advisories