GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,120
Composer 4,800
Erlang 36
GitHub Actions 29
Go 2,380
Maven 5,718
npm 4,005
NuGet 720
pip 3,805
Pub 12
RubyGems 927
Rust 986
Swift 38

Unreviewed advisories

All unreviewed 262,517

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

500 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 has a flawed CSRF and... Moderate Unreviewed

CVE-2022-4148 was published Mar 20, 2023

Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to... Moderate Unreviewed

CVE-2023-27084 was published Mar 16, 2023

Exposure of Sensitive Information in OpenGoofy Hippo4j Moderate

CVE-2023-27095 was published for cn.hippo4j:hippo4j-core (Maven) Mar 16, 2023

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration... Moderate Unreviewed

CVE-2022-21939 was published Feb 9, 2023

In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x... Moderate Unreviewed

CVE-2023-22326 was published Feb 1, 2023

Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users... Moderate Unreviewed

CVE-2022-37708 was published Feb 1, 2023

In exported content providers of ShannonRcs, there is a possible way to get access to protected... Moderate Unreviewed

CVE-2023-20923 was published Jan 26, 2023

In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. Moderate Unreviewed

CVE-2022-48257 was published Jan 13, 2023

EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has... Moderate Unreviewed

CVE-2022-39186 was published Jan 12, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15... Moderate Unreviewed

CVE-2022-4365 was published Jan 12, 2023

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed

CVE-2022-47927 was published Jan 12, 2023

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master. Moderate Unreviewed

CVE-2022-4630 was published Dec 21, 2022

SilverStripe Subsite weakens file permissions Moderate

CVE-2022-42949 was published for silverstripe/subsites (Composer) Dec 19, 2022

ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper... Moderate Unreviewed

CVE-2022-23143 was published Dec 6, 2022

g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to... Moderate Unreviewed

CVE-2022-46338 was published Nov 30, 2022

Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the... Moderate Unreviewed

CVE-2022-45304 was published Nov 29, 2022

Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all... Moderate Unreviewed

CVE-2022-45306 was published Nov 29, 2022

Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the... Moderate Unreviewed

CVE-2022-45301 was published Nov 29, 2022

Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the... Moderate Unreviewed

CVE-2022-45307 was published Nov 29, 2022

Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the... Moderate Unreviewed

CVE-2022-45305 was published Nov 29, 2022

Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master... Moderate Unreviewed

CVE-2022-44280 was published Nov 23, 2022

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on... Moderate Unreviewed

CVE-2022-38461 was published Nov 18, 2022

Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed

CVE-2022-44746 was published Nov 8, 2022

A permissions issue existed. This issue was addressed with improved permission validation. This... Moderate Unreviewed

CVE-2022-42788 was published Nov 2, 2022

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1... Moderate Unreviewed

CVE-2022-32929 was published Nov 2, 2022

Previous 1 2 … 5 6 7 8 9 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

500 advisories