GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
293 advisories
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate | Unreviewed | CVE-2019-14246 was published May 24, 2022

Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to...
Moderate | Unreviewed | CVE-2019-5966 was published May 24, 2022

An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before...
Moderate | Unreviewed | CVE-2018-18976 was published May 24, 2022

Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0...
Moderate | Unreviewed | CVE-2022-29434 was published May 21, 2022

The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and...
Moderate | Unreviewed | CVE-2022-1425 was published May 17, 2022

onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive...
Moderate | Unreviewed | CVE-2022-27247 was published May 14, 2022

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper...
Moderate | Unreviewed | CVE-2018-10211 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove attachments...
Moderate | Unreviewed | CVE-2017-15209 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link...
Moderate | Unreviewed | CVE-2017-15211 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link...
Moderate | Unreviewed | CVE-2017-15206 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories...
Moderate | Unreviewed | CVE-2017-15203 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a...
Moderate | Unreviewed | CVE-2017-15195 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a...
Moderate | Unreviewed | CVE-2017-15207 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions...
Moderate | Unreviewed | CVE-2017-15204 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic...
Moderate | Unreviewed | CVE-2017-15208 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a...
Moderate | Unreviewed | CVE-2017-15202 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to...
Moderate | Unreviewed | CVE-2017-15197 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a...
Moderate | Unreviewed | CVE-2017-15201 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a...
Moderate | Unreviewed | CVE-2017-15200 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a...
Moderate | Unreviewed | CVE-2017-15196 was published May 13, 2022

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a...
Moderate | Unreviewed | CVE-2017-15199 was published May 13, 2022

Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User...
Moderate | Unreviewed | CVE-2017-0936 was published May 13, 2022

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to...
Moderate | Unreviewed | CVE-2019-9921 was published May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before...
Moderate | Unreviewed | CVE-2019-9219 was published May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before...
Moderate | Unreviewed | CVE-2019-9170 was published May 13, 2022