GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19 advisories
Filter by severity
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics...
Moderate
Unreviewed
CVE-2024-5620
was published
Jul 18, 2024
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2023-20247
was published
Nov 1, 2023
PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring...
Moderate
Unreviewed
CVE-2023-39231
was published
Oct 25, 2023
The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2021-4353
was published
Oct 20, 2023
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi...
Moderate
Unreviewed
CVE-2023-4957
was published
Oct 11, 2023
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource...
Moderate
Unreviewed
CVE-2023-30946
was published
Jun 29, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
Moderate
Unreviewed
CVE-2021-4373
was published
Jun 7, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass...
Moderate
Unreviewed
CVE-2022-36249
was published
May 30, 2023
A vulnerability in the social login configuration option for the guest users of Cisco Business...
Moderate
Unreviewed
CVE-2023-20003
was published
May 18, 2023
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be...
Moderate
Unreviewed
CVE-2022-40725
was published
Apr 25, 2023
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series...
Moderate
Unreviewed
CVE-2023-20018
was published
Jan 20, 2023
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service...
Moderate
Unreviewed
CVE-2022-23719
was published
Jul 1, 2022
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry...
Moderate
Unreviewed
CVE-2022-23725
was published
Jul 1, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2020-27863
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2020-17409
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
Moderate
Unreviewed
CVE-2020-15633
was published
May 24, 2022
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions...
Moderate
Unreviewed
CVE-2021-32958
was published
May 24, 2022
Navigating to a specific URL with a patient ID number will result in the server generating a PDF...
Moderate
Unreviewed
CVE-2022-1067
was published
Apr 12, 2022
ProTip!
Advisories are also available from the
GraphQL API