GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,407
Composer 5,538
Erlang 49
GitHub Actions 49
Go 3,405
Maven 6,358
npm 5,578
NuGet 882
pip 4,641
Pub 13
RubyGems 1,026
Rust 1,209
Swift 53

Unreviewed advisories

All unreviewed 296,359

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,562 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote... Critical Unreviewed

CVE-2023-33282 was published Jun 7, 2023

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2023-33556 was published Jun 7, 2023

A privilege escalation allowing remote code execution was discovered in the orchestration service. Critical Unreviewed

CVE-2023-2530 was published Jun 7, 2023

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed

CVE-2023-33553 was published Jun 7, 2023

The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2020-36705 was published Jun 7, 2023

The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing... Critical Unreviewed

CVE-2021-4380 was published Jun 7, 2023

The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in... Critical Unreviewed

CVE-2020-36728 was published Jun 7, 2023

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with... Critical Unreviewed

CVE-2023-20887 was published Jun 7, 2023

On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can... Critical Unreviewed

CVE-2023-2186 was published Jun 7, 2023

The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in... Critical Unreviewed

CVE-2021-4374 was published Jun 7, 2023

Imperial CMS v7.5 was discovered to contain an arbitrary file deletion vulnerability via the... Critical Unreviewed

CVE-2023-33604 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass as most actions and... Critical Unreviewed

CVE-2021-4370 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to... Critical Unreviewed

CVE-2021-4381 was published Jun 7, 2023

The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2020-36724 was published Jun 7, 2023

The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions... Critical Unreviewed

CVE-2020-36727 was published Jun 7, 2023

The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to... Critical Unreviewed

CVE-2020-36726 was published Jun 7, 2023

The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on... Critical Unreviewed

CVE-2020-36730 was published Jun 7, 2023

The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated... Critical Unreviewed

CVE-2021-4343 was published Jun 7, 2023

The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing... Critical Unreviewed

CVE-2021-4341 was published Jun 7, 2023

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File... Critical Unreviewed

CVE-2021-4356 was published Jun 7, 2023

The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing... Critical Unreviewed

CVE-2021-4362 was published Jun 7, 2023

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary... Critical Unreviewed

CVE-2020-36719 was published Jun 7, 2023

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to,... Critical Unreviewed

CVE-2019-25141 was published Jun 7, 2023

The following themes for WordPress are vulnerable to Function Injections in versions up to and... Critical Unreviewed

CVE-2020-36708 was published Jun 7, 2023

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2020-36713 was published Jun 7, 2023

Previous 1…398…400 Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,562 advisories