GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,070
Composer 4,319
Erlang 31
GitHub Actions 21
Go 2,077
Maven 5,250
npm 3,746
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,267

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

857 advisories

Filter by severity

Sort by

Least recently updated

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016... Moderate Unreviewed

CVE-2016-3366 was published May 13, 2022

Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote... Moderate Unreviewed

CVE-2008-2947 was published May 1, 2022

The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization... Moderate Unreviewed

CVE-2022-0634 was published Apr 26, 2022

Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1... Moderate Unreviewed

CVE-2022-29417 was published Apr 26, 2022

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... Moderate Unreviewed

CVE-2022-25650 was published Apr 13, 2022

Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical... Moderate Unreviewed

CVE-2022-25831 was published Apr 12, 2022

Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed

CVE-2022-1223 was published Apr 5, 2022

Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16. Moderate Unreviewed

CVE-2022-0405 was published Apr 4, 2022

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware... Moderate Unreviewed

CVE-2022-24930 was published Mar 11, 2022

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... Moderate Unreviewed

CVE-2022-26317 was published Mar 9, 2022

The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1,... Moderate Unreviewed

CVE-2021-24824 was published Mar 8, 2022

The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to... Moderate Unreviewed

CVE-2021-24825 was published Mar 8, 2022

Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed

CVE-2022-0755 was published Mar 8, 2022

JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin... Moderate Unreviewed

CVE-2021-46270 was published Mar 3, 2022

The Orange Form WordPress plugin through 1.0.1 does not have any authorisation and CSRF checks in... Moderate Unreviewed

CVE-2021-24688 was published Mar 1, 2022

The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and... Moderate Unreviewed

CVE-2021-24730 was published Mar 1, 2022

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12)... Moderate Unreviewed

CVE-2022-23433 was published Feb 12, 2022

An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to... Moderate Unreviewed

CVE-2022-23994 was published Feb 12, 2022

An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a... Moderate Unreviewed

CVE-2022-24924 was published Feb 12, 2022

After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed

CVE-2022-23134 was published Feb 9, 2022

The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CRSF checks in its... Moderate Unreviewed

CVE-2021-24839 was published Feb 8, 2022

The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF... Moderate Unreviewed

CVE-2021-24993 was published Feb 8, 2022

The Advanced Cron Manager WordPress plugin before 2.4.2, advanced-cron-manager-pro WordPress... Moderate Unreviewed

CVE-2021-25084 was published Feb 8, 2022

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper... Moderate Unreviewed

CVE-2022-21813 was published Feb 8, 2022

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a... Moderate Unreviewed

CVE-2022-21816 was published Feb 8, 2022

Previous 1 2 … 31 32 33 34 35 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

857 advisories