GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
501 advisories
Filter by severity
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could...
High
Unreviewed
CVE-2022-47553
was published
Sep 19, 2023
A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki...
High
Unreviewed
CVE-2023-0813
was published
Sep 15, 2023
Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local...
Moderate
Unreviewed
CVE-2023-30728
was published
Sep 6, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12...
Moderate
Unreviewed
CVE-2023-30730
was published
Sep 6, 2023
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR...
Moderate
Unreviewed
CVE-2023-30714
was published
Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to...
Moderate
Unreviewed
CVE-2023-30706
was published
Sep 6, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA...
High
Unreviewed
CVE-2023-33020
was published
Sep 5, 2023
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing...
High
Unreviewed
CVE-2023-28584
was published
Sep 5, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station...
High
Unreviewed
CVE-2023-33019
was published
Sep 5, 2023
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High
Unreviewed
CVE-2023-3899
was published
Aug 23, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9...
Moderate
Unreviewed
CVE-2023-28385
was published
Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows...
Moderate
Unreviewed
CVE-2023-30704
was published
Aug 10, 2023
Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers
High
CVE-2023-3518
was published
for
github.com/hashicorp/consul
(Go)
Aug 9, 2023
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install...
High
Unreviewed
CVE-2023-4243
was published
Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7...
High
Unreviewed
CVE-2023-37491
was published
Aug 8, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2023-3957
was published
Jul 27, 2023
Improper authorization on debug and artifact file downloads
High
CVE-2023-36826
was published
for
sentry
(pip)
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged...
Moderate
Unreviewed
CVE-2023-23568
was published
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged...
Moderate
Unreviewed
CVE-2023-25074
was published
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated operators to modify...
Moderate
Unreviewed
CVE-2023-22428
was published
Jul 25, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video...
High
Unreviewed
CVE-2023-3805
was published
Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An...
Moderate
Unreviewed
CVE-2023-32482
was published
Jul 20, 2023
Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller
Moderate
CVE-2023-3574
was published
for
pimcore/customer-management-framework-bundle
(Composer)
Jul 10, 2023
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2023-1910
was published
Jul 6, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below...
High
Unreviewed
CVE-2023-32707
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API