GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,007 advisories
Filter by severity
Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a...
Moderate
Unreviewed
CVE-2021-26262
was published
Nov 20, 2021
Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation...
High
Unreviewed
CVE-2021-43019
was published
Nov 24, 2021
The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the...
Moderate
Unreviewed
CVE-2021-24703
was published
Nov 24, 2021
Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to...
High
Unreviewed
CVE-2020-10627
was published
Dec 2, 2021
The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user...
Moderate
Unreviewed
CVE-2021-24859
was published
Dec 14, 2021
The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with...
Moderate
Unreviewed
CVE-2021-24845
was published
Dec 14, 2021
peertube is vulnerable to Improper Access Control
High
Unreviewed
CVE-2022-0133
was published
Jan 11, 2022
peertube is vulnerable to Improper Access Control
Moderate
Unreviewed
CVE-2022-0170
was published
Jan 12, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High
Unreviewed
CVE-2021-24906
was published
Jan 25, 2022
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor...
Moderate
Unreviewed
CVE-2021-24733
was published
Jan 25, 2022
Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers...
High
Unreviewed
CVE-2022-0270
was published
Jan 26, 2022
The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in...
Moderate
Unreviewed
CVE-2021-25097
was published
Feb 2, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a...
Moderate
Unreviewed
CVE-2022-21816
was published
Feb 8, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper...
Moderate
Unreviewed
CVE-2022-21813
was published
Feb 8, 2022
The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF...
Moderate
Unreviewed
CVE-2021-24993
was published
Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and...
High
Unreviewed
CVE-2021-25095
was published
Feb 8, 2022
The Advanced Cron Manager WordPress plugin before 2.4.2, advanced-cron-manager-pro WordPress...
Moderate
Unreviewed
CVE-2021-25084
was published
Feb 8, 2022
The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CRSF checks in its...
Moderate
Unreviewed
CVE-2021-24839
was published
Feb 8, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super...
Moderate
Unreviewed
CVE-2022-23134
was published
Feb 9, 2022
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111...
High
Unreviewed
CVE-2022-21825
was published
Feb 11, 2022
An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a...
Moderate
Unreviewed
CVE-2022-24924
was published
Feb 12, 2022
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China...
Low
Unreviewed
CVE-2022-24923
was published
Feb 12, 2022
An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to...
Moderate
Unreviewed
CVE-2022-23994
was published
Feb 12, 2022
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12)...
Moderate
Unreviewed
CVE-2022-23433
was published
Feb 12, 2022
The backend infrastructure shared by multiple mobile device monitoring services does not...
High
Unreviewed
CVE-2022-0732
was published
Feb 25, 2022
ProTip!
Advisories are also available from the
GraphQL API