Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,339 advisories

Loading
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... Critical Unreviewed
CVE-2022-20777 was published May 5, 2022
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter... High Unreviewed
CVE-2009-5151 was published May 2, 2022
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the... High Unreviewed
CVE-2009-5150 was published May 2, 2022
Improper Access Control in pyftpdlib High
CVE-2009-5012 was published for pyftpdlib (pip) May 2, 2022
MoinMoin Improper Access Control vulnerability High
CVE-2009-4762 was published for moin (pip) May 2, 2022
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the... High Unreviewed
CVE-2009-2092 was published May 2, 2022
Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote... Moderate Unreviewed
CVE-2008-2947 was published May 1, 2022
MoinMoin vulnerable to privilege escalation Moderate
CVE-2008-1937 was published for moin (pip) May 1, 2022
Roundup xml-rpc server improper check of property permissions Critical
CVE-2008-1475 was published for roundup (pip) May 1, 2022
anonymous4ACL24
JULI logging component in Apache Tomcat does not restrict certain permissions for web applications Moderate
CVE-2007-5342 was published for org.apache.tomcat:tomcat-juli (Maven) May 1, 2022
Zope does not properly verify the access for objects with proxy roles High
CVE-2002-0170 was published for zope (pip) Apr 30, 2022
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long... High Unreviewed
CVE-2001-0781 was published Apr 30, 2022
Zope allows attackers to modify raw image and file data Moderate
CVE-2000-1212 was published for zope (pip) Apr 30, 2022
Zope does not properly restrict access to the getRoles method High
CVE-2000-0725 was published for zope (pip) Apr 30, 2022
Keycloak is vulnerable to IDN homograph attack Low
GHSA-mwm4-5qwr-g9pf was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
klausenbusk kurt-r2c
The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a... Critical Unreviewed
CVE-2022-0541 was published Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization... Moderate Unreviewed
CVE-2022-0634 was published Apr 26, 2022
Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1... Moderate Unreviewed
CVE-2022-29417 was published Apr 26, 2022
The setup program for the affected product configures its files and folders with full access,... High Unreviewed
CVE-2021-43986 was published Apr 21, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... High Unreviewed
CVE-2022-20716 was published Apr 16, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2022-22190 was published Apr 15, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... Moderate Unreviewed
CVE-2022-25650 was published Apr 13, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25755 was published Apr 13, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in... High Unreviewed
CVE-2022-1316 was published Apr 12, 2022
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical... Moderate Unreviewed
CVE-2022-25831 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database