GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,335
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,939
Maven 5,134
npm 3,677
NuGet 643
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,798

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

226 advisories

Filter by severity

Sort by

Least recently updated

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a... Critical Unreviewed

CVE-2019-13690 was published Aug 25, 2023

The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2023-4404 was published Aug 23, 2023

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable... Critical Unreviewed

CVE-2023-38734 was published Aug 23, 2023

An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager... Critical Unreviewed

CVE-2021-28411 was published Aug 11, 2023

The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user... Critical Unreviewed

CVE-2023-3076 was published Jul 10, 2023

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed

CVE-2023-0635 was published Jul 6, 2023

Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this... Critical Unreviewed

CVE-2021-46894 was published Jul 6, 2023

The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user... Critical Unreviewed

CVE-2023-3460 was published Jul 4, 2023

In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in... Critical Unreviewed

CVE-2023-32713 was published Jun 1, 2023

An issue found in edjing Mix v.7.09.01 for Android allows unauthorized apps to cause escalation... Critical Unreviewed

CVE-2023-29734 was published May 30, 2023

Code execution and sensitive information disclosure due to excessive privileges assigned to... Critical Unreviewed

CVE-2022-3405 was published May 3, 2023

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges... Critical Unreviewed

CVE-2023-1966 was published Apr 28, 2023

Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local... Critical Unreviewed

CVE-2023-25133 was published Apr 24, 2023

TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via... Critical Unreviewed

CVE-2023-27830 was published Apr 12, 2023

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges... Critical Unreviewed

CVE-2022-45101 was published Feb 1, 2023

The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure... Critical Unreviewed

CVE-2022-4305 was published Jan 23, 2023

JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to... Critical Unreviewed

CVE-2022-0668 was published Jan 8, 2023

A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that... Critical Unreviewed

CVE-2022-27773 was published Dec 6, 2022

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to... Critical Unreviewed

CVE-2022-44929 was published Dec 2, 2022

Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation... Critical Unreviewed

CVE-2022-37016 was published Dec 1, 2022

The system framework layer has a vulnerability of serialization/deserialization mismatch.... Critical Unreviewed

CVE-2022-44562 was published Nov 10, 2022

Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability. Critical Unreviewed

CVE-2022-37968 was published Oct 12, 2022

An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9... Critical Unreviewed

CVE-2022-36536 was published Sep 17, 2022

Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin <= 3.9.6... Critical Unreviewed

CVE-2022-36793 was published Sep 10, 2022

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at... Critical Unreviewed

CVE-2022-34858 was published Aug 23, 2022

Previous 1 2 3 4 5 6 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

226 advisories