Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

120 advisories

Loading
The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the... Moderate Unreviewed
CVE-2021-24238 was published May 24, 2022
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress... Critical Unreviewed
CVE-2021-24215 was published May 24, 2022
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An... Moderate Unreviewed
CVE-2020-35570 was published May 24, 2022
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information ... Moderate Unreviewed
CVE-2020-35391 was published May 24, 2022
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon... Moderate Unreviewed
CVE-2020-7541 was published May 24, 2022
In affected Ops Manager versions there is an exposed http route was that may allow attackers to... Moderate Unreviewed
CVE-2019-2388 was published May 24, 2022
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of... High Unreviewed
CVE-2020-10181 was published May 24, 2022
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/... Moderate Unreviewed
CVE-2019-16388 was published May 24, 2022
PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso... Moderate Unreviewed
CVE-2019-16386 was published May 24, 2022
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated... Moderate Unreviewed
CVE-2019-17503 was published May 24, 2022
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the... Moderate Unreviewed
CVE-2019-1220 was published May 24, 2022
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or... High Unreviewed
CVE-2019-14347 was published May 24, 2022
eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to... Critical Unreviewed
CVE-2019-9884 was published May 24, 2022
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a... Moderate Unreviewed
CVE-2019-13981 was published May 24, 2022
Missing Authorization in Jenkins Moderate
CVE-2019-10354 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices... Critical Unreviewed
CVE-2019-12583 was published May 24, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,... High Unreviewed
CVE-2018-7526 was published May 13, 2022
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct... Critical Unreviewed
CVE-2018-6624 was published May 13, 2022
Showdoc Unauthenticated Access Moderate
CVE-2018-19620 was published for showdoc/showdoc (Composer) May 13, 2022
The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows... Critical Unreviewed
CVE-2018-19207 was published May 13, 2022
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0... Moderate Unreviewed
CVE-2018-19143 was published May 13, 2022
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by... High Unreviewed
CVE-2018-19109 was published May 13, 2022
add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an... Critical Unreviewed
CVE-2018-18922 was published May 13, 2022
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control... High Unreviewed
CVE-2018-18862 was published May 13, 2022
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0... Moderate Unreviewed
CVE-2018-11346 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database