GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,498 advisories
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ...
High | Unreviewed | CVE-2021-20835 was published Nov 25, 2021

WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user....
High | Unreviewed | CVE-2021-36917 was published Nov 25, 2021

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not...
Critical | Unreviewed | CVE-2021-24915 was published Nov 30, 2021

The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which...
Moderate | Unreviewed | CVE-2021-24842 was published Nov 30, 2021

The Tawk.To Live Chat WordPress plugin before 0.6.0 does not have capability and CSRF checks in...
High | Unreviewed | CVE-2021-24914 was published Dec 7, 2021

The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require...
High | Unreviewed | CVE-2021-34543 was published Dec 8, 2021

An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local...
Low | Unreviewed | CVE-2021-25519 was published Dec 9, 2021

The Contact Form Advanced Database WordPress plugin through 1.0.8 does not have any authorisation...
Moderate | Unreviewed | CVE-2021-24790 was published Dec 14, 2021

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5...
Moderate | Unreviewed | CVE-2021-20866 was published Dec 14, 2021

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5...
Moderate | Unreviewed | CVE-2021-20867 was published Dec 14, 2021

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5...
High | Unreviewed | CVE-2021-20865 was published Dec 14, 2021

SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary...
High | Unreviewed | CVE-2021-44233 was published Dec 15, 2021

An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will...
High | Unreviewed | CVE-2021-41066 was published Dec 15, 2021

taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line...
Critical | Unreviewed | CVE-2021-45015 was published Dec 15, 2021

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html...
Moderate | Unreviewed | CVE-2021-44937 was published Dec 15, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
High | Unreviewed | CVE-2021-27859 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
Moderate | Unreviewed | CVE-2021-27858 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
High | Unreviewed | CVE-2021-27857 was published Dec 16, 2021

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an...
Critical | Unreviewed | CVE-2021-27856 was published Dec 16, 2021

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a...
High | Unreviewed | CVE-2021-27855 was published Dec 16, 2021

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise...
Critical | Unreviewed | CVE-2021-36888 was published Dec 16, 2021

In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to...
High | Unreviewed | CVE-2021-1017 was published Dec 16, 2021

In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user...
High | Unreviewed | CVE-2021-0926 was published Dec 16, 2021

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to...
High | Unreviewed | CVE-2021-0923 was published Dec 16, 2021

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass...
High | Unreviewed | CVE-2021-0922 was published Dec 16, 2021

ProTip! Advisories are also available from the GraphQL API.