GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,505

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,647 advisories

Filter by severity

Sort by

Least recently updated

The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing... Moderate Unreviewed

CVE-2023-0402 was published Jan 19, 2023

The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in... Moderate Unreviewed

CVE-2021-24950 was published Mar 15, 2022

The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not have capability and CSRF... Moderate Unreviewed

CVE-2021-24958 was published Mar 15, 2022

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious... Moderate Unreviewed

CVE-2021-45852 was published Mar 17, 2022

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html... Moderate Unreviewed

CVE-2021-44937 was published Dec 15, 2021

Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and... Moderate Unreviewed

CVE-2022-23183 was published Apr 1, 2022

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed

CVE-2022-0837 was published Apr 5, 2022

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed

CVE-2022-0825 was published Apr 5, 2022

The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed

CVE-2022-0404 was published Apr 5, 2022

The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for... Moderate Unreviewed

CVE-2021-43333 was published Jan 2, 2022

The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any... Moderate Unreviewed

CVE-2022-1054 was published Apr 19, 2022

The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper... Moderate Unreviewed

CVE-2022-0919 was published Apr 12, 2022

PreMiD 2.2.0 allows unintended access via the websocket transport. An attacker can receive events... Moderate Unreviewed

CVE-2021-46701 was published Feb 21, 2022

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions... Moderate Unreviewed

CVE-2022-4169 was published Nov 28, 2022

A broken access control vulnerability in the SubNet_handler_func function of spx_restservice... Moderate Unreviewed

CVE-2021-44776 was published Oct 24, 2022

Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to... Moderate Unreviewed

CVE-2022-36836 was published Aug 6, 2022

An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running... Moderate Unreviewed

CVE-2021-27570 was published May 24, 2022

Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any... Moderate Unreviewed

CVE-2020-18741 was published May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize... Moderate Unreviewed

CVE-2021-27569 was published May 24, 2022

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted... Moderate Unreviewed

CVE-2021-26085 was published May 24, 2022

A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow an... Moderate Unreviewed

CVE-2021-1143 was published May 24, 2022

An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7.... Moderate Unreviewed

CVE-2021-22208 was published May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently... Moderate Unreviewed

CVE-2021-27571 was published May 24, 2022

When a user has already allowed a website to access microphone and camera, disabling camera... Moderate Unreviewed

CVE-2021-29959 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability... Moderate Unreviewed

CVE-2021-24355 was published May 24, 2022

Previous 1 2 3 4 5 … 65 66 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,647 advisories