Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

183 advisories

Loading
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary... High Unreviewed
CVE-2021-40502 was published May 24, 2022
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and... High Unreviewed
CVE-2021-39341 was published May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self... High Unreviewed
CVE-2021-38486 was published May 24, 2022
Versions up to, and including, 1.0.6, of the Access Demo Importer WordPress plugin are vulnerable... High Unreviewed
CVE-2021-39317 was published May 24, 2022
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the... High Unreviewed
CVE-2021-41975 was published May 24, 2022
The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34... High Unreviewed
CVE-2021-24311 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed
CVE-2021-24188 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed
CVE-2021-24191 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24195 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24190 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24193 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24194 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24192 was published May 24, 2022
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure... High Unreviewed
CVE-2020-27779 was published May 24, 2022
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-12671 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2019-1934 was published May 24, 2022
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). High Unreviewed
CVE-2018-20945 was published May 24, 2022
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). High Unreviewed
CVE-2016-10848 was published May 24, 2022
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). High Unreviewed
CVE-2016-10859 was published May 24, 2022
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core... High Unreviewed
CVE-2018-17210 was published May 24, 2022
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is... High Unreviewed
CVE-2018-19581 was published May 24, 2022
GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,... High Unreviewed
CVE-2018-19569 was published May 24, 2022
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on ... High Unreviewed
CVE-2017-9325 was published May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to... High Unreviewed
CVE-2017-8409 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database