Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

173 advisories

Loading
The Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded... Moderate Unreviewed
CVE-2022-2981 was published Oct 11, 2022
Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically... Moderate Unreviewed
CVE-2022-22268 was published Jan 11, 2022
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows... Moderate Unreviewed
CVE-2022-22270 was published Jan 11, 2022
In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download... Moderate Unreviewed
CVE-2021-44983 was published Feb 9, 2022
An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can... Moderate Unreviewed
CVE-2022-23316 was published Feb 9, 2022
The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when... Moderate Unreviewed
CVE-2021-25004 was published Feb 8, 2022
In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of... Moderate Unreviewed
CVE-2022-24694 was published Feb 10, 2022
The All-In-One Security (AIOS) WordPress plugin before 5.1.3 leaked settings of the plugin... Moderate Unreviewed
CVE-2022-4346 was published Jan 23, 2023
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1... Moderate Unreviewed
CVE-2017-2621 was published May 3, 2022
An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log... Moderate Unreviewed
CVE-2017-2622 was published May 13, 2022
lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction... Moderate Unreviewed
CVE-2022-48094 was published Feb 1, 2023
Podman has Files or Directories Accessible to External Parties Moderate
CVE-2020-1726 was published for github.com/containers/podman (Go) May 24, 2022
tdunlap607
Credited to tdunlap607
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an... Moderate Unreviewed
CVE-2021-1256 was published May 24, 2022
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0... Moderate Unreviewed
CVE-2022-45440 was published Jan 17, 2023
Keycloak has Files or Directories Accessible to External Parties Moderate
CVE-2021-3856 was published for org.keycloak:keycloak-core (Maven) Aug 27, 2022
Missing authorization in xwiki-platform Moderate
CVE-2022-23621 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Feb 9, 2022
The Helpful WordPress plugin before 4.5.26 puts the exported logs and feedbacks in a publicly... Moderate Unreviewed
CVE-2022-2834 was published Oct 17, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2021-1512 was published May 24, 2022
A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some... Moderate Unreviewed
CVE-2023-2766 was published May 17, 2023
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit... Moderate Unreviewed
CVE-2023-47612 was published Nov 9, 2023
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-42534 was published Nov 13, 2023
The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4930 was published Nov 6, 2023
Tyler Technologies Court Case Management Plus may store backups in a location that can be... Moderate Unreviewed
CVE-2023-6375 was published Nov 30, 2023
Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A... Moderate Unreviewed
CVE-2023-48661 was published Dec 14, 2023
The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory,... Moderate Unreviewed
CVE-2023-5907 was published Dec 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database