Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

148 advisories

Loading
Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes... Moderate Unreviewed
CVE-2023-1663 was published Mar 29, 2023
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information ... Moderate Unreviewed
CVE-2020-35391 was published May 24, 2022
A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed
CVE-2022-1077 was published Mar 30, 2022
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022... Moderate Unreviewed
CVE-2022-24932 was published Mar 11, 2022
A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP... High Unreviewed
CVE-2022-27480 was published Apr 13, 2022
The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's... Moderate Unreviewed
CVE-2022-4057 was published Jan 3, 2023
The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to... Moderate Unreviewed
CVE-2022-1551 was published Jul 26, 2022
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed
CVE-2021-24831 was published Jan 4, 2022
Open Redirect in url-parse Critical
CVE-2018-3774 was published for url-parse (npm) Aug 13, 2018
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as... Moderate Unreviewed
CVE-2023-5786 was published Oct 26, 2023
A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-3792 was published Jul 20, 2023
A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects... Moderate Unreviewed
CVE-2023-2524 was published May 4, 2023
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic.... Moderate Unreviewed
CVE-2023-5702 was published Oct 23, 2023
Wagtail vulnerable to disclosure of user names via admin bulk action views Low
CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023
quyenheu
Missing Authorization in Jenkins Moderate
CVE-2019-10354 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2005-1697 was published May 1, 2022
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct... High Unreviewed
CVE-2005-1685 was published May 1, 2022
FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive... Moderate Unreviewed
CVE-2005-1892 was published May 1, 2022
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users... High Unreviewed
CVE-2005-1654 was published May 1, 2022
D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as... High Unreviewed
CVE-2005-1827 was published May 1, 2022
YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to... High Unreviewed
CVE-2005-1668 was published May 1, 2022
PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed
CVE-2005-1698 was published May 1, 2022
In affected Ops Manager versions there is an exposed http route was that may allow attackers to... Moderate Unreviewed
CVE-2019-2388 was published May 24, 2022
IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may... Moderate Unreviewed
CVE-2023-50935 was published Feb 2, 2024
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to... Critical Unreviewed
CVE-2024-0204 was published Jan 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database