Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

778 advisories

Loading
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39094 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39096 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39099 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-42777 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39095 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39101 was published Dec 6, 2022
In power management service, there is a missing permission check. This could lead to set up power... High Unreviewed
CVE-2022-39097 was published Dec 6, 2022
The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability... High Unreviewed
CVE-2021-24163 was published May 24, 2022
Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before... High Unreviewed
CVE-2021-24146 was published May 24, 2022
Missing Authorization in Jenkins SSH plugin High
CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins Recipe Plugin High
CVE-2022-34794 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9... High Unreviewed
CVE-2019-13047 was published May 24, 2022
The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API,... High Unreviewed
CVE-2022-2379 was published Aug 16, 2022
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02,... High Unreviewed
CVE-2019-0257 was published May 13, 2022
An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified... High Unreviewed
CVE-2019-18610 was published May 24, 2022
The Tawk.To Live Chat WordPress plugin before 0.6.0 does not have capability and CSRF checks in... High Unreviewed
CVE-2021-24914 was published Dec 7, 2021
In onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to... High Unreviewed
CVE-2022-20506 was published Dec 20, 2022
In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add... High Unreviewed
CVE-2022-20503 was published Dec 20, 2022
In getSlice of ProviderModelSlice.java, there is a missing permission check. This could lead to... High Unreviewed
CVE-2022-20522 was published Dec 20, 2022
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write... High Unreviewed
CVE-2022-29154 was published Aug 3, 2022
The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls... High Unreviewed
CVE-2019-12498 was published May 24, 2022
A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4... High Unreviewed
CVE-2020-7133 was published May 24, 2022
This document describes a security vulnerability in Blade Maintenance Entity, Integrated... High Unreviewed
CVE-2020-7131 was published May 24, 2022
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server... High Unreviewed
CVE-2020-9411 was published May 24, 2022
XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference High
CVE-2022-31167 was published for org.xwiki.platform:xwiki-platform-security (Maven) Sep 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database