GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
59 advisories
Filter by severity
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure...
Moderate
Unreviewed
CVE-2022-24385
was published
Mar 15, 2022
The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the...
Moderate
Unreviewed
CVE-2021-24238
was published
May 24, 2022
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of...
Moderate
Unreviewed
CVE-2022-31485
was published
Jun 7, 2022
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon...
Moderate
Unreviewed
CVE-2020-7541
was published
May 24, 2022
Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software...
Moderate
Unreviewed
CVE-2015-2873
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0198
was published
May 13, 2022
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content...
Moderate
Unreviewed
CVE-2018-0140
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0267
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0266
was published
May 13, 2022
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an...
Moderate
Unreviewed
CVE-2018-0105
was published
May 13, 2022
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An...
Moderate
Unreviewed
CVE-2020-35570
was published
May 24, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate
Unreviewed
CVE-2017-2486
was published
May 13, 2022
CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese...
Moderate
Unreviewed
CVE-2017-2139
was published
May 13, 2022
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10...
Moderate
Unreviewed
CVE-2017-2143
was published
May 13, 2022
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0...
Moderate
Unreviewed
CVE-2018-11346
was published
May 13, 2022
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0...
Moderate
Unreviewed
CVE-2018-19143
was published
May 13, 2022
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture...
Moderate
Unreviewed
CVE-2021-24046
was published
Jan 15, 2022
Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes...
Moderate
Unreviewed
CVE-2023-1663
was published
Mar 29, 2023
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information ...
Moderate
Unreviewed
CVE-2020-35391
was published
May 24, 2022
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022...
Moderate
Unreviewed
CVE-2022-24932
was published
Mar 11, 2022
The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's...
Moderate
Unreviewed
CVE-2022-4057
was published
Jan 3, 2023
The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to...
Moderate
Unreviewed
CVE-2022-1551
was published
Jul 26, 2022
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as...
Moderate
Unreviewed
CVE-2023-5786
was published
Oct 26, 2023
A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic....
Moderate
Unreviewed
CVE-2023-3792
was published
Jul 20, 2023
A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects...
Moderate
Unreviewed
CVE-2023-2524
was published
May 4, 2023
ProTip!
Advisories are also available from the
GraphQL API