Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

723 advisories

Loading
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability... High Unreviewed
CVE-2021-24356 was published May 24, 2022
It has been discovered that redhat-certification does not perform an authorization check and... High Unreviewed
CVE-2018-10865 was published May 24, 2022
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX... High Unreviewed
CVE-2022-1777 was published Jun 14, 2022
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access... High Unreviewed
CVE-2020-17517 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote... High Unreviewed
CVE-2021-1505 was published May 24, 2022
The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4... High Unreviewed
CVE-2021-24352 was published May 24, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce... High Unreviewed
CVE-2022-32557 was published Jun 15, 2022
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via... High Unreviewed
CVE-2021-37764 was published Jun 17, 2022
Affected devices do not properly authorize the change password function of the web interface.... High Unreviewed
CVE-2022-31765 was published Oct 11, 2022
WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-dismiss-unsubscribe‘, which lacked a... High Unreviewed
CVE-2021-42359 was published May 24, 2022
There is an missing authorization issue in the system service. Since the component does not have... High Unreviewed
CVE-2022-20431 was published Oct 12, 2022
There is an missing authorization issue in the system service. Since the component does not have... High Unreviewed
CVE-2022-20430 was published Oct 12, 2022
There is an missing authorization issue in the system service. Since the component does not have... High Unreviewed
CVE-2022-20432 was published Oct 12, 2022
There is an missing authorization issue in the system service. Since the component does not have... High Unreviewed
CVE-2022-20434 was published Oct 12, 2022
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of... High Unreviewed
CVE-2022-1329 was published Apr 20, 2022
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via... High Unreviewed
CVE-2021-46820 was published Jun 17, 2022
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the... High Unreviewed
CVE-2022-1903 was published Jun 28, 2022
There is an missing authorization issue in the system service. Since the component does not have... High Unreviewed
CVE-2022-20433 was published Oct 12, 2022
In Autoboot, there is a possible permission bypass due to a missing permission check. This could... High Unreviewed
CVE-2022-21777 was published Jul 7, 2022
The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g.,... High Unreviewed
CVE-2021-33057 was published Jul 27, 2022
The Tipsacarrier WordPress plugin through 1.4.4.2 does not have any authorisation check in place... High Unreviewed
CVE-2021-25002 was published May 3, 2022
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782,... High Unreviewed
CVE-2020-26818 was published May 24, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39098 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39100 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39102 was published Dec 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database