GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
- All reviewed: 5,000+
- Composer: 4,077
- Erlang: 29
- GitHub Actions: 19
- Go: 1,903
- Maven: 5,000+
- npm: 3,632
- NuGet: 638
- pip: 3,249
- Pub: 10
- RubyGems: 864
- Rust: 818
- Swift: 35
Unreviewed advisories
- All unreviewed: 5,000+
2,172 advisories
Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and...
Moderate | Unreviewed | CVE-2022-23183 was published Apr 1, 2022
Hospital Management System v1.0 was discovered to lack an authorization component, allowing...
Critical | Unreviewed | CVE-2022-26546 was published Apr 1, 2022
In Settings, there is a possible way to add an auto-connect WiFi network without the user's...
High | Unreviewed | CVE-2021-39768 was published Mar 31, 2022
In WindowManager, there is a possible way to start a foreground activity from the background due...
High | Unreviewed | CVE-2021-39758 was published Mar 31, 2022
The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin related...
Moderate | Unreviewed | CVE-2021-24978 was published Mar 29, 2022
The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of...
Moderate | Unreviewed | CVE-2022-0833 was published Mar 29, 2022
Under certain conditions, SAP Innovation management - version 2.0, allows an attacker to access...
High | Unreviewed | CVE-2022-27658 was published Mar 29, 2022
Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz...
Moderate | Unreviewed | CVE-2022-27948 was published Mar 28, 2022
It was found that 3scale's APIdocs does not validate the access token, in the case of invalid...
High | Unreviewed | CVE-2021-3814 was published Mar 26, 2022
idcCMS v1.10 was discovered to contain an issue which allows attackers to arbitrarily delete the...
High | Unreviewed | CVE-2022-27333 was published Mar 23, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of...
Critical | Unreviewed | CVE-2021-45878 was published Mar 22, 2022
The miniOrange's Google Authenticator WordPress plugin before 5.5 does not have proper...
High | Unreviewed | CVE-2022-0229 was published Mar 22, 2022
Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected...
Critical | Unreviewed | CVE-2022-24595 was published Mar 19, 2022
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious...
Moderate | Unreviewed | CVE-2021-45852 was published Mar 17, 2022
The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not have capability and CSRF...
Moderate | Unreviewed | CVE-2021-24958 was published Mar 15, 2022
The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in...
Moderate | Unreviewed | CVE-2021-24950 was published Mar 15, 2022
Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an...
Moderate | Unreviewed | CVE-2022-26103 was published Mar 11, 2022
Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701...
Moderate | Unreviewed | CVE-2022-26102 was published Mar 11, 2022
SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for...
Moderate | Unreviewed | CVE-2022-26104 was published Mar 11, 2022
The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in...
High | Unreviewed | CVE-2021-25087 was published Mar 8, 2022
The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its...
Moderate | Unreviewed | CVE-2022-0163 was published Mar 8, 2022
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate | Unreviewed | CVE-2022-0755 was published Mar 8, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate | Unreviewed | CVE-2022-0756 was published Mar 8, 2022
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an...
High | Unreviewed | CVE-2021-46378 was published Mar 5, 2022
A flaw was discovered in Kibana in which users with Read access to the Uptime feature could...
Moderate | Unreviewed | CVE-2022-23709 was published Mar 4, 2022
ProTip! Advisories are also available from the GraphQL API.