GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
High
CVE-2024-47880
was published
for
org.openrefine:openrefine
(Maven)
Oct 24, 2024
The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address...
Moderate
Unreviewed
CVE-2022-4534
was published
Oct 8, 2024
HTTP client can manipulate custom HTTP headers that are added by Traefik
Critical
CVE-2024-45410
was published
for
github.com/traefik/traefik
(Go)
Sep 19, 2024
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in...
Moderate
Unreviewed
CVE-2022-4533
was published
Sep 19, 2024
The Security, Antivirus, Firewall – S.A.F plugin for WordPress is vulnerable to IP Address...
Moderate
Unreviewed
CVE-2022-4529
was published
Sep 5, 2024
The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in...
Moderate
Unreviewed
CVE-2022-4539
was published
Aug 31, 2024
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions...
Moderate
Unreviewed
CVE-2022-4536
was published
Aug 31, 2024
Serilog Client IP Spoofing vulnerability
Moderate
CVE-2024-44930
was published
for
Serilog.Enrichers.ClientInfo
(NuGet)
Aug 29, 2024
The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address...
Moderate
Unreviewed
CVE-2022-4532
was published
Aug 17, 2024
Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue...
Low
Unreviewed
CVE-2022-44593
was published
Jun 21, 2024
A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0...
High
Unreviewed
CVE-2024-23105
was published
May 14, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-348: Use of Less Trusted...
High
Unreviewed
CVE-2024-27773
was published
Mar 18, 2024
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper...
High
Unreviewed
CVE-2023-35906
was published
Sep 5, 2023
CasaOS Gateway vulnerable to incorrect identification of source IP addresses
Critical
CVE-2023-37265
was published
for
github.com/IceWhaleTech/CasaOS-Gateway
(Go)
Jul 17, 2023
The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing...
Moderate
Unreviewed
CVE-2022-4537
was published
Jul 6, 2023
The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up...
Moderate
Unreviewed
CVE-2023-2897
was published
Jun 9, 2023
ProTip!
Advisories are also available from the
GraphQL API