GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
645 advisories
In NFC, there is a possible way to setup a default contactless payment app without user consent...
High | Unreviewed | CVE-2021-39810 was published Oct 30, 2023

The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of...
High | Unreviewed | CVE-2023-5425 was published Oct 28, 2023

The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of...
High | Unreviewed | CVE-2023-5426 was published Oct 28, 2023

The WP EXtra plugin for WordPress is vulnerable to unauthorized modification of data due to a...
High | Unreviewed | CVE-2023-5311 was published Oct 25, 2023

An authenticated XCC user with Read-Only permission can change a different user’s password...
High | Unreviewed | CVE-2023-4606 was published Oct 25, 2023

The vulnerability allows a low privileged (untrusted) application to modify a critical system...
High | Unreviewed | CVE-2023-43488 was published Oct 25, 2023

The Soisy Pagamento Rateale plugin for WordPress is vulnerable to unauthorized access of data due...
High | Unreviewed | CVE-2023-5132 was published Oct 21, 2023

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to,...
High | Unreviewed | CVE-2023-4668 was published Oct 20, 2023

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user...
High | Unreviewed | CVE-2020-36698 was published Oct 20, 2023

An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges...
High | Unreviewed | CVE-2023-27792 was published Oct 19, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-45247 was published Oct 9, 2023

Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data...
High | Unreviewed | CVE-2023-43700 was published Oct 9, 2023

In phasechecksercer, there is a possible missing permission check. This could lead to local...
High | Unreviewed | CVE-2023-40634 was published Oct 8, 2023

In linkturbo, there is a possible missing permission check. This could lead to local escalation...
High | Unreviewed | CVE-2023-40635 was published Oct 8, 2023

Sensitive information disclosure and manipulation due to improper authentication. The following...
High | Unreviewed | CVE-2023-45246 was published Oct 6, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-45244 was published Oct 6, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-44212 was published Oct 6, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-44211 was published Oct 6, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-44210 was published Oct 4, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-44208 was published Oct 4, 2023

Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0...
High | Unreviewed | CVE-2023-4997 was published Oct 4, 2023

A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to...
High | Unreviewed | CVE-2023-0456 was published Sep 27, 2023

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ...
High | Unreviewed | CVE-2023-5165 was published Sep 25, 2023

In multiple files, there is a possible way to import a contact from another user due to a missing...
High | Unreviewed | CVE-2023-35665 was published Sep 11, 2023

In vowifiservice, there is a possible missing permission check. This could lead to local...
High | Unreviewed | CVE-2023-38460 was published Sep 4, 2023