Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

39 advisories

Loading
An unauthenticated attacker could arbitrarily upload firmware files to the target device,... High Unreviewed
CVE-2022-31480 was published Jun 7, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the... High Unreviewed
CVE-2022-31484 was published Jun 7, 2022
A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1... High Unreviewed
CVE-2021-44582 was published Jun 11, 2022
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location,... High Unreviewed
CVE-2021-24695 was published May 24, 2022
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with... High Unreviewed
CVE-2022-2192 was published Jul 20, 2022
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores... High Unreviewed
CVE-2022-2544 was published Aug 23, 2022
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated... High Unreviewed
CVE-2022-2551 was published Aug 23, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.... High Unreviewed
CVE-2021-34588 was published Apr 28, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote,... High Unreviewed
CVE-2019-3917 was published May 13, 2022
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass... High Unreviewed
CVE-2019-6551 was published May 13, 2022
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to... High Unreviewed
CVE-2017-15235 was published May 13, 2022
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP... High Unreviewed
CVE-2018-16706 was published May 13, 2022
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02... High Unreviewed
CVE-2019-3916 was published May 13, 2022
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote... High Unreviewed
CVE-2019-6126 was published May 13, 2022
A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before... High Unreviewed
CVE-2018-6669 was published May 13, 2022
OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance),... High Unreviewed
CVE-2017-14993 was published May 13, 2022
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control... High Unreviewed
CVE-2018-18862 was published May 13, 2022
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by... High Unreviewed
CVE-2018-19109 was published May 13, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,... High Unreviewed
CVE-2018-7526 was published May 13, 2022
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or... High Unreviewed
CVE-2019-14347 was published May 24, 2022
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed
CVE-2023-1682 was published Mar 29, 2023
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed
CVE-2022-1077 was published Mar 30, 2022
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP... High Unreviewed
CVE-2022-27480 was published Apr 13, 2022
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed
CVE-2021-24831 was published Jan 4, 2022
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users... High Unreviewed
CVE-2005-1654 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database