GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,030
Composer 4,303
Erlang 31
GitHub Actions 21
Go 2,071
Maven 5,246
npm 3,744
NuGet 669
pip 3,430
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,584

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Filter by severity

Sort by

Least recently updated

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an... Critical Unreviewed

CVE-2023-3325 was published Jun 20, 2023

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to... High Unreviewed

CVE-2023-30759 was published Jun 19, 2023

Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may... High Unreviewed

CVE-2023-34113 was published Jun 13, 2023

The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up... Moderate Unreviewed

CVE-2023-2897 was published Jun 9, 2023

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto... High Unreviewed

CVE-2023-2866 was published Jun 7, 2023

The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of... Critical Unreviewed

CVE-2023-2987 was published May 31, 2023

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware... Critical Unreviewed

CVE-2023-28386 was published May 22, 2023

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE)... High Unreviewed

CVE-2023-31502 was published May 12, 2023

In modem, there is a possible missing verification of HashMME value in Security Mode Command.... Moderate Unreviewed

CVE-2022-44420 was published May 9, 2023

AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity. Critical Unreviewed

CVE-2023-28863 was published Apr 18, 2023

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded... Critical Unreviewed

CVE-2023-27748 was published Apr 13, 2023

A man in the middle can redirect traffic to a malicious server in a compromised configuration. High Unreviewed

CVE-2023-26467 was published Apr 11, 2023

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server... High Unreviewed

CVE-2023-27979 was published Mar 21, 2023

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server... High Unreviewed

CVE-2023-27977 was published Mar 21, 2023

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server... High Unreviewed

CVE-2023-27982 was published Mar 21, 2023

Akuvox E11 does not ensure that a file extension is associated with the file provided. This could... Moderate Unreviewed

CVE-2023-0350 was published Mar 13, 2023

A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the... High Unreviewed

CVE-2017-20180 was published Mar 6, 2023

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30... Moderate Unreviewed

CVE-2023-21441 was published Feb 9, 2023

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network ... High Unreviewed

CVE-2023-22315 was published Jan 31, 2023

Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a... Moderate Unreviewed

CVE-2021-26396 was published Jan 11, 2023

Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware... High Unreviewed

CVE-2022-30260 was published Dec 26, 2022

PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to... Moderate Unreviewed

CVE-2022-26579 was published Dec 17, 2022

Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE... Moderate Unreviewed

CVE-2022-37928 was published Dec 12, 2022

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager... Moderate Unreviewed

CVE-2022-39909 was published Dec 8, 2022

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to... High Unreviewed

CVE-2022-31877 was published Nov 28, 2022

Previous 1 2 3 4 5 6 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

271 advisories