GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
868 advisories
Filter by severity
An unauthorized user could possibly delete any file on the system.
High
Unreviewed
CVE-2022-46331
was published
Jan 18, 2023
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up...
High
Unreviewed
CVE-2022-0815
was published
Mar 12, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High
Unreviewed
CVE-2021-24906
was published
Jan 25, 2022
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing...
High
Unreviewed
CVE-2015-3806
was published
May 17, 2022
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6...
High
Unreviewed
CVE-2021-21083
was published
May 24, 2022
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier)...
High
Unreviewed
CVE-2021-21045
was published
May 24, 2022
Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a...
High
Unreviewed
CVE-2022-1261
was published
May 27, 2022
Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control...
High
Unreviewed
CVE-2020-9668
was published
May 24, 2022
A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software...
High
Unreviewed
CVE-2021-1284
was published
May 24, 2022
A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an...
High
Unreviewed
CVE-2020-14388
was published
May 24, 2022
The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High
Unreviewed
CVE-2021-24353
was published
May 24, 2022
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability...
High
Unreviewed
CVE-2021-24356
was published
May 24, 2022
Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in...
High
Unreviewed
CVE-2016-3880
was published
May 17, 2022
Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote...
High
Unreviewed
CVE-2021-32514
was published
May 24, 2022
Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in...
High
Unreviewed
CVE-2016-3863
was published
May 17, 2022
The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High
Unreviewed
CVE-2021-24352
was published
May 24, 2022
Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action...
High
Unreviewed
CVE-2022-1659
was published
Jun 14, 2022
arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1...
High
Unreviewed
CVE-2016-3879
was published
May 17, 2022
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper...
High
Unreviewed
CVE-2021-24197
was published
May 24, 2022
NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups.
High
Unreviewed
CVE-2015-7887
was published
May 17, 2022
Improper access control vulnerability in share_link in QSAN Storage Manager allows remote...
High
Unreviewed
CVE-2021-32517
was published
May 24, 2022
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted...
High
Unreviewed
CVE-2014-9830
was published
May 17, 2022
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd...
High
Unreviewed
CVE-2014-9828
was published
May 17, 2022
The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress contained several AJAX functions which...
High
Unreviewed
CVE-2021-39333
was published
May 24, 2022
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted...
High
Unreviewed
CVE-2014-9831
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API