GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
662 advisories
In firewall service, there is a missing permission check. This could lead to local escalation of...
High | Unreviewed | CVE-2022-47361 was published Feb 12, 2023
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers...
High | Unreviewed | CVE-2021-28375 was published May 24, 2022
An elevation of privilege vulnerability exists when reparse points are created by sandboxed...
High | Unreviewed | CVE-2019-1170 was published May 24, 2022
The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in...
High | Unreviewed | CVE-2021-4331 was published Mar 7, 2023
In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to...
High | Unreviewed | CVE-2023-21001 was published Mar 24, 2023
Missing authentication in ShenYu
High | CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user...
High | Unreviewed | CVE-2023-0940 was published Mar 20, 2023
In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin...
High | Unreviewed | CVE-2023-20955 was published Mar 24, 2023
In AddSupervisedUserActivity, guest users are not prevented from starting the activity due to...
High | Unreviewed | CVE-2023-20959 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible...
High | Unreviewed | CVE-2023-21015 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible...
High | Unreviewed | CVE-2023-21005 was published Mar 24, 2023
In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is a possible way for the...
High | Unreviewed | CVE-2023-21021 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible...
High | Unreviewed | CVE-2023-21002 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible...
High | Unreviewed | CVE-2023-21003 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible...
High | Unreviewed | CVE-2023-21004 was published Mar 24, 2023
A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and classified as critical. This...
High | Unreviewed | CVE-2023-1632 was published Mar 25, 2023
The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be...
High | Unreviewed | CVE-2023-0441 was published Mar 27, 2023
MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component...
High | Unreviewed | CVE-2023-27701 was published Mar 28, 2023
The WCFM Marketplace plugin for WordPress is vulnerable to unauthorized modification and access...
High | Unreviewed | CVE-2022-4935 was published Apr 5, 2023
HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation
High | CVE-2023-1782 was published for github.com/hashicorp/nomad (Go) Apr 5, 2023
Apache James server's JMX management service vulnerable to privilege escalation by local user
High | CVE-2023-26269 was published for org.apache.james:javax-mail-extension (Maven) Apr 3, 2023
The WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and...
High | Unreviewed | CVE-2022-4937 was published Apr 5, 2023
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a...
High | Unreviewed | CVE-2019-18666 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper
High | CVE-2020-10187 was published for doorkeeper (RubyGems) May 7, 2020
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing...
High | Unreviewed | CVE-2017-7548 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.