GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,242 advisories
Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes...
Moderate | Unreviewed | CVE-2016-1474 was published May 17, 2022

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x...
Moderate | Unreviewed | CVE-2016-2960 was published May 17, 2022

There is a flaw in the code used to configure the internal gateway firewall when the gateway's...
Critical | Unreviewed | CVE-2020-12030 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability...
High | Unreviewed | CVE-2021-24356 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability...
Moderate | Unreviewed | CVE-2021-24355 was published May 24, 2022

The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the...
Moderate | Unreviewed | CVE-2021-24238 was published May 24, 2022

A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an...
High | Unreviewed | CVE-2020-14388 was published May 24, 2022

The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High | Unreviewed | CVE-2021-24353 was published May 24, 2022

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software...
High | Unreviewed | CVE-2021-1284 was published May 24, 2022

Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control...
High | Unreviewed | CVE-2020-9668 was published May 24, 2022

The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and...
Critical | Unreviewed | CVE-2022-25932 was published Nov 9, 2022

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior...
Moderate | Unreviewed | CVE-2020-14312 was published May 24, 2022

The Weintek cMT product line is vulnerable to various improper access controls, which may allow...
Critical | Unreviewed | CVE-2021-27444 was published May 17, 2022

Matrikon, a subsidiary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a...
High | Unreviewed | CVE-2022-1261 was published May 27, 2022

Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a...
Moderate | Unreviewed | CVE-2021-26262 was published Nov 20, 2021

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and...
Moderate | Unreviewed | CVE-2015-3152 was published May 14, 2022

bookstack is vulnerable to Improper Access Control
Moderate | CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022

The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with...
Moderate | Unreviewed | CVE-2021-24845 was published Dec 14, 2021

The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and...
Moderate | Unreviewed | CVE-2021-24730 was published Mar 1, 2022

Improper Access Control in Elasticsearch
High | CVE-2015-1427 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022

Improper Access Control in Apache Tomcat
Moderate | CVE-2012-5885 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022

Improper Access Control in MySQL Connectors Java
High | CVE-2017-3523 was published for mysql:mysql-connector-java (Maven) May 13, 2022

Improper Access Control in Apache Hadoop
High | CVE-2016-5393 was published for org.apache.hadoop:hadoop-common (Maven) May 17, 2022

Improper Access Control in Apache Tomcat
Moderate | CVE-2014-7810 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier)...
High | Unreviewed | CVE-2021-21045 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.