GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,878
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,035
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,757

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

171 advisories

Filter by severity

Sort by

Least recently updated

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can... High Unreviewed

CVE-2019-13605 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... High Unreviewed

CVE-2019-14724 was published May 24, 2022

Affected versions of Atlassian Fisheye & Crucible allowed remote attackers to browse local files... High Unreviewed

CVE-2021-43957 was published Mar 17, 2022

Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to... High Unreviewed

CVE-2021-46416 was published Apr 8, 2022

An Insecure Direct Object Reference issue exists in the Tyler Odyssey platform before 17.1.20.... High Unreviewed

CVE-2022-26665 was published Apr 19, 2022

The user_id and device_id on the Ourphoto App version 1.4.1 /device/* end-points both suffer from... High Unreviewed

CVE-2022-24187 was published Nov 29, 2022

Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6... High Unreviewed

CVE-2022-1459 was published Apr 26, 2022

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to... High Unreviewed

CVE-2021-24739 was published Dec 22, 2021

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed

CVE-2021-21012 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed

CVE-2021-21013 was published May 24, 2022

The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP... High Unreviewed

CVE-2022-1614 was published Jun 21, 2022

An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated... High Unreviewed

CVE-2022-31295 was published Jun 17, 2022

An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass... High Unreviewed

CVE-2022-29008 was published May 12, 2022

The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the... High Unreviewed

CVE-2021-24655 was published Jul 18, 2022

Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote... High Unreviewed

CVE-2022-2193 was published Jul 20, 2022

An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos... High Unreviewed

CVE-2022-43326 was published Nov 29, 2022

Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote... High Unreviewed

CVE-2021-44160 was published Dec 30, 2021

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are... High Unreviewed

CVE-2021-36032 was published May 24, 2022

An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code... High Unreviewed

CVE-2019-15310 was published May 24, 2022

Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user... High Unreviewed

CVE-2021-36801 was published May 24, 2022

The employee management page of Flygo contains Insecure Direct Object Reference (IDOR)... High Unreviewed

CVE-2021-37214 was published May 24, 2022

The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference... High Unreviewed

CVE-2021-22023 was published May 24, 2022

The forgot password token basically just makes us capable of taking over the account of whoever... High Unreviewed

CVE-2022-3019 was published Aug 29, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter... High Unreviewed

CVE-2021-40355 was published May 24, 2022

Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin... High Unreviewed

CVE-2021-36874 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

171 advisories