GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,615
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,036
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
136 advisories
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this...
Severity: High. Unreviewed. CVE-2023-1682 was published Mar 29, 2023.
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1...
Severity: High. Unreviewed. CVE-2022-47700 was published Jan 31, 2023.
The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's...
Severity: Moderate. Unreviewed. CVE-2022-4057 was published Jan 3, 2023.
Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive...
Severity: High. Unreviewed. CVE-2022-42953 was published Dec 25, 2022.
An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated...
Severity: Critical. Unreviewed. CVE-2022-45276 was published Nov 23, 2022.
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure...
Severity: Moderate. Unreviewed. CVE-2022-40845 was published Nov 15, 2022.
In Simple Exam Reviewer Management System v1.0 the User List function has improper access control...
Severity: Moderate. Unreviewed. CVE-2022-42197 was published Oct 20, 2022.
A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get...
Severity: High. Unreviewed. CVE-2022-42238 was published Oct 11, 2022.
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to...
Severity: Critical. Unreviewed. CVE-2022-41746 was published Oct 11, 2022.
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN...
Severity: High. Unreviewed. CVE-2022-36158 was published Sep 27, 2022.
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores...
Severity: High. Unreviewed. CVE-2022-2544 was published Aug 23, 2022.
The Duplicator WordPress plugin before 1.4.7 discloses the URL of a backup to unauthenticated...
Severity: High. Unreviewed. CVE-2022-2551 was published Aug 23, 2022.
The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to...
Severity: Moderate. Unreviewed. CVE-2022-1551 was published Jul 26, 2022.
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with...
Severity: High. Unreviewed. CVE-2022-2192 was published Jul 20, 2022.
A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1...
Severity: High. Unreviewed. CVE-2021-44582 was published Jun 11, 2022.
An unauthenticated attacker can send a specially crafted network packet to delete a user from the...
Severity: High. Unreviewed. CVE-2022-31484 was published Jun 7, 2022.
An unauthenticated attacker can send specially crafted packets to update the “notes” section of...
Severity: Moderate. Unreviewed. CVE-2022-31485 was published Jun 7, 2022.
An unauthenticated attacker could arbitrarily upload firmware files to the target device,...
Severity: High. Unreviewed. CVE-2022-31480 was published Jun 7, 2022.
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location,...
Severity: High. Unreviewed. CVE-2021-24695 was published May 24, 2022.
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information ...
Severity: High. Unreviewed. CVE-2018-16060 was published May 24, 2022.
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted...
Severity: Moderate. Unreviewed. CVE-2021-26085 was published May 24, 2022.
The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the...
Severity: Moderate. Unreviewed. CVE-2021-24238 was published May 24, 2022.
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress...
Severity: Critical. Unreviewed. CVE-2021-24215 was published May 24, 2022.
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An...
Severity: Moderate. Unreviewed. CVE-2020-35570 was published May 24, 2022.
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information ...
Severity: Moderate. Unreviewed. CVE-2020-35391 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.