GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,470

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,172 advisories

Filter by severity

Sort by

Least recently updated

Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and... Moderate Unreviewed

CVE-2022-23183 was published Apr 1, 2022

Hospital Management System v1.0 was discovered to lack an authorization component, allowing... Critical Unreviewed

CVE-2022-26546 was published Apr 1, 2022

In Settings, there is a possible way to add an auto-connect WiFi network without the user's... High Unreviewed

CVE-2021-39768 was published Mar 31, 2022

In WindowManager, there is a possible way to start a foreground activity from the background due... High Unreviewed

CVE-2021-39758 was published Mar 31, 2022

The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin related... Moderate Unreviewed

CVE-2021-24978 was published Mar 29, 2022

The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of... Moderate Unreviewed

CVE-2022-0833 was published Mar 29, 2022

Under certain conditions, SAP Innovation management - version 2.0, allows an attacker to access... High Unreviewed

CVE-2022-27658 was published Mar 29, 2022

Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz... Moderate Unreviewed

CVE-2022-27948 was published Mar 28, 2022

It was found that 3scale's APIdocs does not validate the access token, in the case of invalid... High Unreviewed

CVE-2021-3814 was published Mar 26, 2022

idcCMS v1.10 was discovered to contain an issue which allows attackers to arbitrarily delete the... High Unreviewed

CVE-2022-27333 was published Mar 23, 2022

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of... Critical Unreviewed

CVE-2021-45878 was published Mar 22, 2022

The miniOrange's Google Authenticator WordPress plugin before 5.5 does not have proper... High Unreviewed

CVE-2022-0229 was published Mar 22, 2022

Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected... Critical Unreviewed

CVE-2022-24595 was published Mar 19, 2022

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious... Moderate Unreviewed

CVE-2021-45852 was published Mar 17, 2022

The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not have capability and CSRF... Moderate Unreviewed

CVE-2021-24958 was published Mar 15, 2022

The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in... Moderate Unreviewed

CVE-2021-24950 was published Mar 15, 2022

Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an... Moderate Unreviewed

CVE-2022-26103 was published Mar 11, 2022

Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701... Moderate Unreviewed

CVE-2022-26102 was published Mar 11, 2022

SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for... Moderate Unreviewed

CVE-2022-26104 was published Mar 11, 2022

The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in... High Unreviewed

CVE-2021-25087 was published Mar 8, 2022

The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its... Moderate Unreviewed

CVE-2022-0163 was published Mar 8, 2022

Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed

CVE-2022-0755 was published Mar 8, 2022

Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed

CVE-2022-0756 was published Mar 8, 2022

DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an... High Unreviewed

CVE-2021-46378 was published Mar 5, 2022

A flaw was discovered in Kibana in which users with Read access to the Uptime feature could... Moderate Unreviewed

CVE-2022-23709 was published Mar 4, 2022

Previous 1 2 … 82 83 84 85 86 87 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,172 advisories