GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
838 advisories
A vulnerability was found in kylin-activation and classified as critical. Affected by this issue...
High | Unreviewed | CVE-2023-1164 was published Mar 3, 2023

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses...
High | Unreviewed | CVE-2022-34908 was published Feb 27, 2023

A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3...
High | Unreviewed | CVE-2023-23918 was published Feb 23, 2023

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform...
High | Unreviewed | CVE-2023-24485 was published Feb 16, 2023

Microsoft Publisher Security Features Bypass Vulnerability
High | Unreviewed | CVE-2023-21715 was published Feb 14, 2023

The multi-screen collaboration module has a privilege escalation vulnerability. Successful...
High | Unreviewed | CVE-2022-48286 was published Feb 9, 2023

The AMS module has a vulnerability of lacking permission verification in APIs. Successful...
High | Unreviewed | CVE-2022-48302 was published Feb 9, 2023

Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its...
High | Unreviewed | CVE-2022-47648 was published Feb 8, 2023

Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload...
High | Unreviewed | CVE-2022-45544 was published Feb 7, 2023

Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization...
High | Unreviewed | CVE-2023-23696 was published Feb 7, 2023

Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as...
High | Unreviewed | CVE-2021-36225 was published Feb 6, 2023

In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their...
High | Unreviewed | CVE-2023-24029 was published Feb 3, 2023

Active Debug Code vulnerability in robot controller of Mitsubishi Electric Corporation industrial...
High | Unreviewed | CVE-2022-33323 was published Feb 2, 2023

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB. This issue...
High | Unreviewed | CVE-2023-24829 was published Jan 31, 2023

Broken Access Control in Betheme theme <= 26.6.1 on WordPress.
High | Unreviewed | CVE-2022-45353 was published Jan 14, 2023

Incorrect Authorization check affecting all versions of GitLab EE from 13.11 prior to 15.5.7, 15...
High | Unreviewed | CVE-2022-4167 was published Jan 12, 2023

The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote...
High | Unreviewed | CVE-2022-43438 was published Jan 3, 2023

The iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + more WordPress plugin before...
High | Unreviewed | CVE-2022-3911 was published Jan 3, 2023

D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.
High | Unreviewed | CVE-2022-46076 was published Dec 20, 2022

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2...
High | Unreviewed | CVE-2022-46399 was published Dec 20, 2022

An access issue existed with privileged API calls. This issue was addressed with additional...
High | Unreviewed | CVE-2022-42849 was published Dec 15, 2022

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
High | Unreviewed | CVE-2022-23741 was published Dec 14, 2022

Denial of service in Modem module due to improper authorization while error handling in...
High | Unreviewed | CVE-2022-25685 was published Dec 13, 2022

SENS v1.0 is vulnerable to Incorrect Access Control vulnerability.
High | Unreviewed | CVE-2022-45760 was published Dec 12, 2022

Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker...
High | Unreviewed | CVE-2022-39902 was published Dec 8, 2022

ProTip! Advisories are also available from the GraphQL API.