GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
352 advisories
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be...
High
Unreviewed
CVE-2022-48431
was published
Jul 6, 2023
Rumpus - FTP server version 9.0.7.1 Improper Token Verification – vulnerability may allow...
High
Unreviewed
CVE-2022-46370
was published
Jul 6, 2023
The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an...
Critical
Unreviewed
CVE-2023-3325
was published
Jun 20, 2023
Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may...
High
Unreviewed
CVE-2023-34113
was published
Jun 13, 2023
The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up...
Moderate
Unreviewed
CVE-2023-2897
was published
Jun 9, 2023
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto...
High
Unreviewed
CVE-2023-2866
was published
Jun 7, 2023
The Wordapp plugin for WordPress is vulnerable to authorization bypass due to a use of...
Critical
Unreviewed
CVE-2023-2987
was published
May 31, 2023
Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE)...
High
Unreviewed
CVE-2023-31502
was published
May 12, 2023
In modem, there is a possible missing verification of HashMME value in Security Mode Command....
Moderate
Unreviewed
CVE-2022-44420
was published
May 9, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded...
Critical
Unreviewed
CVE-2023-27748
was published
Apr 13, 2023
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series...
High
Unreviewed
CVE-2020-3220
was published
May 24, 2022
com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and...
Moderate
Unreviewed
CVE-2019-20057
was published
May 24, 2022
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated...
High
Unreviewed
CVE-2019-3979
was published
May 24, 2022
Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by...
High
Unreviewed
CVE-2019-6475
was published
May 24, 2022
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why...
Moderate
Unreviewed
CVE-2019-15162
was published
May 24, 2022
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any...
Moderate
Unreviewed
CVE-2019-11737
was published
May 24, 2022
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an...
Moderate
Unreviewed
CVE-2019-12620
was published
May 24, 2022
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an...
Moderate
Unreviewed
CVE-2019-5478
was published
May 24, 2022
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow...
High
Unreviewed
CVE-2019-1932
was published
May 24, 2022
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack...
Moderate
Unreviewed
CVE-2019-1880
was published
May 24, 2022
This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions...
Moderate
Unreviewed
CVE-2019-5431
was published
May 24, 2022
Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the...
High
Unreviewed
CVE-2019-3786
was published
May 24, 2022
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is...
Critical
Unreviewed
CVE-2019-11235
was published
May 24, 2022
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between...
Moderate
Unreviewed
CVE-2023-5366
was published
Oct 6, 2023
** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown...
Low
Unreviewed
CVE-2021-3349
was published
May 24, 2022