GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,991 advisories
services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to...
High | Unreviewed | CVE-2017-11726 was published May 17, 2022
IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable...
High | Unreviewed | CVE-2016-9714 was published May 17, 2022
A vulnerability classified as problematic has been found in OpenACS bug-tracker. Affected is an...
High | Unreviewed | CVE-2016-15009 was published Jan 5, 2023
The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF...
High | Unreviewed | CVE-2021-24639 was published May 24, 2022
The St-Daily-Tip WordPress plugin through 4.7 does not have any CSRF check in place when saving...
High | Unreviewed | CVE-2021-24487 was published May 24, 2022
A vulnerability was found in CoreHR Core Portal up to 27.0.7. It has been classified as...
High | Unreviewed | CVE-2019-25064 was published Jun 10, 2022
Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection...
High | Unreviewed | CVE-2017-11648 was published May 17, 2022
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are...
High | Unreviewed | CVE-2017-11646 was published May 17, 2022
EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background,...
High | Unreviewed | CVE-2022-36225 was published Aug 20, 2022
Cross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowing an admin password change...
High | Unreviewed | CVE-2017-11680 was published May 17, 2022
The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when...
High | Unreviewed | CVE-2022-1779 was published Jun 14, 2022
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4...
High | Unreviewed | CVE-2016-6427 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR...
High | Unreviewed | CVE-2017-2273 was published May 17, 2022
Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the password parameter to admin...
High | Unreviewed | CVE-2017-11679 was published May 17, 2022
IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to...
High | Unreviewed | CVE-2016-9716 was published May 17, 2022
XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF).
High | Unreviewed | CVE-2022-36224 was published Aug 20, 2022
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place...
High | Unreviewed | CVE-2022-1791 was published Jun 14, 2022
A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This...
High | Unreviewed | CVE-2017-20045 was published Jun 14, 2022
The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms...
High | Unreviewed | CVE-2022-3154 was published Oct 11, 2022
A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367,...
High | Unreviewed | CVE-2017-20048 was published Jun 16, 2022
A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045,...
High | Unreviewed | CVE-2017-20046 was published Jun 16, 2022
The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used...
High | Unreviewed | CVE-2022-1765 was published Jun 14, 2022
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to...
High | Unreviewed | CVE-2017-3794 was published May 17, 2022
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
High | Unreviewed | CVE-2023-0088 was published Jan 5, 2023
The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version...
High | Unreviewed | CVE-2017-9490 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.