GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
128 advisories
Filter by severity
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to...
High
Unreviewed
CVE-2019-13526
was published
May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability....
Critical
Unreviewed
CVE-2019-3758
was published
May 24, 2022
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in...
Critical
Unreviewed
CVE-2023-2027
was published
Apr 15, 2023
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be...
Moderate
Unreviewed
CVE-2022-40725
was published
Apr 25, 2023
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer...
High
Unreviewed
CVE-2023-31152
was published
May 10, 2023
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2023-2499
was published
May 16, 2023
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2023-2704
was published
May 19, 2023
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function...
High
Unreviewed
CVE-2022-47311
was published
May 23, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2732
was published
May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2733
was published
May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2734
was published
May 25, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass...
Moderate
Unreviewed
CVE-2022-36249
was published
May 30, 2023
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication...
Critical
Unreviewed
CVE-2023-2781
was published
Jun 3, 2023
The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High
Unreviewed
CVE-2023-2546
was published
Jun 6, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2020-36713
was published
Jun 7, 2023
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2020-36724
was published
Jun 7, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
Moderate
Unreviewed
CVE-2021-4373
was published
Jun 7, 2023
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication...
Critical
Unreviewed
CVE-2023-2986
was published
Jun 8, 2023
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress...
Critical
Unreviewed
CVE-2023-2982
was published
Jun 29, 2023
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource...
Moderate
Unreviewed
CVE-2023-30946
was published
Jun 29, 2023
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2834
was published
Jun 30, 2023
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2023-3249
was published
Jun 30, 2023
The iBoot device’s basic discovery protocol assists in initial device configuration. The...
High
Unreviewed
CVE-2022-47320
was published
Jul 6, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an
unauthenticated host is allowed to...
Critical
Unreviewed
CVE-2023-34335
was published
Jul 6, 2023
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication...
Critical
Unreviewed
CVE-2023-3162
was published
Aug 31, 2023
ProTip!
Advisories are also available from the
GraphQL API