Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

501 advisories

Loading
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2023-32709 was published Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as... High Unreviewed
CVE-2023-2534 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command... Moderate Unreviewed
CVE-2023-22931 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint... Moderate Unreviewed
CVE-2023-22938 was published Jul 6, 2023
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against... High Unreviewed
CVE-2023-22610 was published Jul 6, 2023
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a... High Unreviewed
CVE-2023-25517 was published Jul 4, 2023
The affected TBox RTUs allow low privilege users to access software security tokens of higher... Moderate Unreviewed
CVE-2023-36611 was published Jul 3, 2023
Tauri vulnerable to Regression on Filesystem Scope Checks for Dotfiles Moderate
CVE-2023-34460 was published for tauri (Rust) Jun 21, 2023
tillmann-crabnebula chip-crabnebula
An improper authorization check of local device settings in TeamViewer Remote between version 15... Moderate Unreviewed
CVE-2023-0837 was published Jun 14, 2023
By changing the filename parameter in the request, an attacker could delete any file with the... High Unreviewed
CVE-2023-29152 was published Jun 8, 2023
An attacker with local access to the machine could record the traffic, which could allow them... Low Unreviewed
CVE-2023-24476 was published Jun 8, 2023
The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions... Moderate Unreviewed
CVE-2021-4344 was published Jun 7, 2023
The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing... Moderate Unreviewed
CVE-2020-36729 was published Jun 7, 2023
The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in... Moderate Unreviewed
CVE-2019-25149 was published Jun 7, 2023
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization... High Unreviewed
CVE-2020-36696 was published Jun 7, 2023
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to... Moderate Unreviewed
CVE-2023-30948 was published Jun 6, 2023
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request... High Unreviewed
CVE-2022-40536 was published Jun 6, 2023
Transient DOS due to improper authorization in Modem High Unreviewed
CVE-2022-40521 was published Jun 6, 2023
Kyverno resource with a deletionTimestamp may allow policy circumvention Moderate
CVE-2023-34091 was published for github.com/kyverno/kyverno (Go) Jun 5, 2023
bburky
The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ... Moderate Unreviewed
CVE-2023-0583 was published Jun 3, 2023
The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ... Moderate Unreviewed
CVE-2023-0584 was published Jun 3, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform... Moderate Unreviewed
CVE-2023-32717 was published Jun 1, 2023
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate... Moderate Unreviewed
CVE-2023-34219 was published May 31, 2023
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. Moderate Unreviewed
CVE-2023-2950 was published May 28, 2023
Pomerium vulnerable to Incorrect Authorization with specially crafted requests Critical
CVE-2023-33189 was published for github.com/pomerium/pomerium (Go) May 26, 2023
nonsleepr
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database