GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,361 advisories
Filter by severity
Improper Access Control in pyftpdlib
High
CVE-2009-5012
was published
for
pyftpdlib
(pip)
May 2, 2022
MoinMoin Improper Access Control vulnerability
High
CVE-2009-4762
was published
for
moin
(pip)
May 2, 2022
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the...
High
Unreviewed
CVE-2009-2092
was published
May 2, 2022
Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote...
Moderate
Unreviewed
CVE-2008-2947
was published
May 1, 2022
MoinMoin vulnerable to privilege escalation
Moderate
CVE-2008-1937
was published
for
moin
(pip)
May 1, 2022
Roundup xml-rpc server improper check of property permissions
Critical
CVE-2008-1475
was published
for
roundup
(pip)
May 1, 2022
JULI logging component in Apache Tomcat does not restrict certain permissions for web applications
Moderate
CVE-2007-5342
was published
for
org.apache.tomcat:tomcat-juli
(Maven)
May 1, 2022
Zope does not properly verify the access for objects with proxy roles
High
CVE-2002-0170
was published
for
zope
(pip)
Apr 30, 2022
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long...
High
Unreviewed
CVE-2001-0781
was published
Apr 30, 2022
Zope allows attackers to modify raw image and file data
Moderate
CVE-2000-1212
was published
for
zope
(pip)
Apr 30, 2022
Zope does not properly restrict access to the getRoles method
High
CVE-2000-0725
was published
for
zope
(pip)
Apr 30, 2022
Keycloak is vulnerable to IDN homograph attack
Low
GHSA-mwm4-5qwr-g9pf
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 28, 2022
The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a...
Critical
Unreviewed
CVE-2022-0541
was published
Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization...
Moderate
Unreviewed
CVE-2022-0634
was published
Apr 26, 2022
Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1...
Moderate
Unreviewed
CVE-2022-29417
was published
Apr 26, 2022
The setup program for the affected product configures its files and folders with full access,...
High
Unreviewed
CVE-2021-43986
was published
Apr 21, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2022-20716
was published
Apr 16, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control...
High
Unreviewed
CVE-2022-22190
was published
Apr 15, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
Moderate
Unreviewed
CVE-2022-25650
was published
Apr 13, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,...
High
Unreviewed
CVE-2022-25755
was published
Apr 13, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in...
High
Unreviewed
CVE-2022-1316
was published
Apr 12, 2022
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical...
Moderate
Unreviewed
CVE-2022-25831
was published
Apr 12, 2022
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to...
High
Unreviewed
CVE-2022-27838
was published
Apr 12, 2022
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0...
Low
Unreviewed
CVE-2022-28778
was published
Apr 12, 2022
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker...
Low
Unreviewed
CVE-2022-28775
was published
Apr 12, 2022
ProTip!
Advisories are also available from the
GraphQL API