GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
501 advisories
Filter by severity
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2023-32709
was published
Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as...
High
Unreviewed
CVE-2023-2534
was published
Jul 6, 2023
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command...
Moderate
Unreviewed
CVE-2023-22931
was published
Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint...
Moderate
Unreviewed
CVE-2023-22938
was published
Jul 6, 2023
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against...
High
Unreviewed
CVE-2023-22610
was published
Jul 6, 2023
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a...
High
Unreviewed
CVE-2023-25517
was published
Jul 4, 2023
The affected TBox RTUs allow low privilege users to access software security tokens of higher...
Moderate
Unreviewed
CVE-2023-36611
was published
Jul 3, 2023
Tauri vulnerable to Regression on Filesystem Scope Checks for Dotfiles
Moderate
CVE-2023-34460
was published
for
tauri
(Rust)
Jun 21, 2023
An improper authorization check of local device settings in TeamViewer Remote between version 15...
Moderate
Unreviewed
CVE-2023-0837
was published
Jun 14, 2023
By changing the filename parameter in the request, an attacker could
delete any file with the...
High
Unreviewed
CVE-2023-29152
was published
Jun 8, 2023
An attacker with local access to the machine could record the traffic,
which could allow them...
Low
Unreviewed
CVE-2023-24476
was published
Jun 8, 2023
The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions...
Moderate
Unreviewed
CVE-2021-4344
was published
Jun 7, 2023
The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing...
Moderate
Unreviewed
CVE-2020-36729
was published
Jun 7, 2023
The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in...
Moderate
Unreviewed
CVE-2019-25149
was published
Jun 7, 2023
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization...
High
Unreviewed
CVE-2020-36696
was published
Jun 7, 2023
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to...
Moderate
Unreviewed
CVE-2023-30948
was published
Jun 6, 2023
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request...
High
Unreviewed
CVE-2022-40536
was published
Jun 6, 2023
Transient DOS due to improper authorization in Modem
High
Unreviewed
CVE-2022-40521
was published
Jun 6, 2023
Kyverno resource with a deletionTimestamp may allow policy circumvention
Moderate
CVE-2023-34091
was published
for
github.com/kyverno/kyverno
(Go)
Jun 5, 2023
The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ...
Moderate
Unreviewed
CVE-2023-0583
was published
Jun 3, 2023
The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ...
Moderate
Unreviewed
CVE-2023-0584
was published
Jun 3, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform...
Moderate
Unreviewed
CVE-2023-32717
was published
Jun 1, 2023
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate...
Moderate
Unreviewed
CVE-2023-34219
was published
May 31, 2023
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Moderate
Unreviewed
CVE-2023-2950
was published
May 28, 2023
Pomerium vulnerable to Incorrect Authorization with specially crafted requests
Critical
CVE-2023-33189
was published
for
github.com/pomerium/pomerium
(Go)
May 26, 2023
ProTip!
Advisories are also available from the
GraphQL API