GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
501 advisories
Filter by severity
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before...
Moderate
Unreviewed
CVE-2023-32662
was published
Nov 14, 2023
Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2...
Moderate
Unreviewed
CVE-2023-28378
was published
Nov 14, 2023
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2...
Moderate
Unreviewed
CVE-2023-36633
was published
Nov 14, 2023
Cryptographic issue in HLOS during key management.
High
Unreviewed
CVE-2023-28556
was published
Nov 14, 2023
Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate
CVE-2023-47037
was published
for
apache-airflow
(pip)
Nov 12, 2023
PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
Moderate
CVE-2023-47109
was published
for
prestashop/blockreassurance
(Composer)
Nov 8, 2023
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.
High
Unreviewed
CVE-2023-5948
was published
Nov 3, 2023
EisBaer Scada - CWE-285: Improper Authorization
Critical
Unreviewed
CVE-2023-42491
was published
Oct 25, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of...
High
Unreviewed
CVE-2021-4334
was published
Oct 20, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect...
High
Unreviewed
CVE-2020-36714
was published
Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and...
Moderate
Unreviewed
CVE-2021-4335
was published
Oct 20, 2023
React Developer Tools extension Improper Authorization vulnerability
Moderate
CVE-2023-5654
was published
for
react-devtools-core
(npm)
Oct 19, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)...
High
Unreviewed
CVE-2023-38220
was published
Oct 13, 2023
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4...
High
Unreviewed
CVE-2023-41841
was published
Oct 10, 2023
Garuda Linux performs an insecure user creation and authentication that allows any user to...
High
Unreviewed
CVE-2021-3784
was published
Oct 4, 2023
Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This...
High
Unreviewed
CVE-2023-3037
was published
Oct 4, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows...
Moderate
Unreviewed
CVE-2023-30736
was published
Oct 4, 2023
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2023-2233
was published
Sep 29, 2023
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS...
Critical
Unreviewed
CVE-2023-20186
was published
Sep 27, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following...
Low
Unreviewed
CVE-2023-44154
was published
Sep 27, 2023
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE...
High
Unreviewed
CVE-2023-44125
was published
Sep 27, 2023
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set...
High
Unreviewed
CVE-2023-44123
was published
Sep 27, 2023
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to...
High
Unreviewed
CVE-2023-0456
was published
Sep 27, 2023
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client...
High
Unreviewed
CVE-2023-28055
was published
Sep 27, 2023
matrix-synapse vulnerable to improper validation of receipts allows forged read receipts
Moderate
CVE-2023-42453
was published
for
matrix-synapse
(pip)
Sep 26, 2023
ProTip!
Advisories are also available from the
GraphQL API