GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
544 advisories
Filter by severity
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource...
Moderate
Unreviewed
CVE-2023-30946
was published
Jun 29, 2023
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress...
Critical
Unreviewed
CVE-2023-2982
was published
Jun 29, 2023
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication...
Critical
Unreviewed
CVE-2023-2986
was published
Jun 8, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
Moderate
Unreviewed
CVE-2021-4373
was published
Jun 7, 2023
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2020-36724
was published
Jun 7, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2020-36713
was published
Jun 7, 2023
The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High
Unreviewed
CVE-2023-2546
was published
Jun 6, 2023
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication...
Critical
Unreviewed
CVE-2023-2781
was published
Jun 3, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass...
Moderate
Unreviewed
CVE-2022-36249
was published
May 30, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2732
was published
May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2734
was published
May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2733
was published
May 25, 2023
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function...
High
Unreviewed
CVE-2022-47311
was published
May 23, 2023
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2023-2704
was published
May 19, 2023
A vulnerability in the social login configuration option for the guest users of Cisco Business...
Moderate
Unreviewed
CVE-2023-20003
was published
May 18, 2023
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2023-2499
was published
May 16, 2023
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer...
High
Unreviewed
CVE-2023-31152
was published
May 10, 2023
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be...
Moderate
Unreviewed
CVE-2022-40725
was published
Apr 25, 2023
In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary...
High
Unreviewed
CVE-2023-21098
was published
Apr 19, 2023
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in...
Critical
Unreviewed
CVE-2023-2027
was published
Apr 15, 2023
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura...
Moderate
Unreviewed
CVE-2023-23503
was published
Feb 27, 2023
Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie
High
CVE-2015-8314
was published
for
devise
(RubyGems)
Jan 26, 2023
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series...
Moderate
Unreviewed
CVE-2023-20018
was published
Jan 20, 2023
Even if the authentication fails for local service authentication, the requested command could...
Critical
Unreviewed
CVE-2022-46732
was published
Jan 18, 2023
In affected versions of Octopus Deploy users of certain browsers using AD to sign-in to Octopus...
Moderate
Unreviewed
CVE-2022-3614
was published
Jan 3, 2023
ProTip!
Advisories are also available from the
GraphQL API