Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

640 advisories

Loading
Authentication vulnerability in the API for app pre-loading. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52541 was published Apr 8, 2024
A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker... High Unreviewed
CVE-2024-27911 was published Apr 5, 2024
Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability... High Unreviewed
CVE-2024-0394 was published Apr 3, 2024
Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast... High Unreviewed
CVE-2024-30487 was published Mar 29, 2024
Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance... High Unreviewed
CVE-2024-29229 was published Mar 28, 2024
Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance... High Unreviewed
CVE-2024-29228 was published Mar 28, 2024
Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n... High Unreviewed
CVE-2024-24832 was published Mar 23, 2024
A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers... High Unreviewed
CVE-2023-49980 was published Mar 21, 2024
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing... High Unreviewed
CVE-2024-2702 was published Mar 20, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of... High Unreviewed
CVE-2024-28215 was published Mar 7, 2024
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible... High Unreviewed
CVE-2024-0038 was published Feb 16, 2024
The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page,... High Unreviewed
CVE-2024-1072 was published Feb 6, 2024
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor... High Unreviewed
CVE-2024-0324 was published Feb 6, 2024
The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to... High Unreviewed
CVE-2023-6700 was published Feb 6, 2024
Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows ... High Unreviewed
CVE-2023-1705 was published Jan 29, 2024
The Woostify Sites Library WordPress plugin before 1.4.8 does not have authorisation in an AJAX... High Unreviewed
CVE-2023-6279 was published Jan 29, 2024
A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This... High Unreviewed
CVE-2024-0570 was published Jan 16, 2024
The DeMomentSomTres WordPress Export Posts With Images WordPress plugin through 20220825 does not... High Unreviewed
CVE-2023-5905 was published Jan 15, 2024
The EazyDocs WordPress plugin before 2.3.6 does not have authorization and CSRF checks when... High Unreviewed
CVE-2023-6029 was published Jan 15, 2024
The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a... High Unreviewed
CVE-2023-6751 was published Jan 11, 2024
The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability... High Unreviewed
CVE-2023-6383 was published Jan 8, 2024
An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment,... High Unreviewed
CVE-2023-42358 was published Jan 3, 2024
There is a possible information disclosure due to a missing permission check. This could lead to... High Unreviewed
CVE-2023-4164 was published Jan 3, 2024
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in... High Unreviewed
CVE-2023-49230 was published Dec 28, 2023
The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing... High Unreviewed
CVE-2023-5949 was published Dec 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database