Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,770
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

109 advisories

Loading
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1... Critical Unreviewed
CVE-2023-41256 was published Sep 11, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-3162 was published Aug 31, 2023
The use of `Module._load()` can bypass the policy mechanism and require modules outside of the... Critical Unreviewed
CVE-2023-32002 was published Aug 21, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07... Critical Unreviewed
CVE-2023-36091 was published Jul 31, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to... Critical Unreviewed
CVE-2023-34335 was published Jul 6, 2023
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2023-3249 was published Jun 30, 2023
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2834 was published Jun 30, 2023
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress... Critical Unreviewed
CVE-2023-2982 was published Jun 29, 2023
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-2986 was published Jun 8, 2023
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2020-36724 was published Jun 7, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2020-36713 was published Jun 7, 2023
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-2781 was published Jun 3, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2733 was published May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2732 was published May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2734 was published May 25, 2023
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed
CVE-2023-2704 was published May 19, 2023
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed
CVE-2023-2499 was published May 16, 2023
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2023-2027 was published Apr 15, 2023
Even if the authentication fails for local service authentication, the requested command could... Critical Unreviewed
CVE-2022-46732 was published Jan 18, 2023
Unauthorized access to Gateway user capabilities Critical Unreviewed
CVE-2022-27510 was published Nov 9, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2022-35869 was published Jul 26, 2022
SQL injection and file upload attacks are possible due to insufficient validation of input values... Critical Unreviewed
CVE-2021-26634 was published Jun 3, 2022
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an... Critical Unreviewed
CVE-2021-36308 was published May 24, 2022
ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated... Critical Unreviewed
CVE-2021-41292 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database