GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
1,005 advisories
The multi-screen collaboration module has a privilege escalation vulnerability. Successful...
Severity: High (Unreviewed). CVE-2022-48286 was published Feb 9, 2023
Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its...
Severity: High (Unreviewed). CVE-2022-47648 was published Feb 8, 2023
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload...
Severity: High (Unreviewed). CVE-2022-45544 was published Feb 7, 2023
Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization...
Severity: High (Unreviewed). CVE-2023-23696 was published Feb 7, 2023
Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as...
Severity: High (Unreviewed). CVE-2021-36225 was published Feb 6, 2023
In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their...
Severity: High (Unreviewed). CVE-2023-24029 was published Feb 3, 2023
Active Debug Code vulnerability in robot controller of Mitsubishi Electric Corporation industrial...
Severity: High (Unreviewed). CVE-2022-33323 was published Feb 2, 2023
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB. This issue...
Severity: High (Unreviewed). CVE-2023-24829 was published Jan 31, 2023
Broken Access Control in Betheme theme <= 26.6.1 on WordPress.
Severity: High (Unreviewed). CVE-2022-45353 was published Jan 14, 2023
Incorrect Authorization check affecting all versions of GitLab EE from 13.11 prior to 15.5.7, 15...
Severity: High (Unreviewed). CVE-2022-4167 was published Jan 12, 2023
KubeOperator allows unauthorized access to system API
Severity: High. CVE-2023-22480 was published for github.com/KubeOperator/KubeOperator (Go) Jan 9, 2023
Uniswap Universal Router Incorrect Authorization vulnerability
Severity: High. CVE-2022-48216 was published for @uniswap/universal-router (npm) Jan 4, 2023
The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote...
Severity: High (Unreviewed). CVE-2022-43438 was published Jan 3, 2023
The iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + more WordPress plugin before...
Severity: High (Unreviewed). CVE-2022-3911 was published Jan 3, 2023
destiny.gg chat vulnerable to cross-site request forgery
Severity: High. CVE-2020-36625 was published for github.com/destinygg/chat (Go) Dec 22, 2022
D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.
Severity: High (Unreviewed). CVE-2022-46076 was published Dec 20, 2022
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2...
Severity: High (Unreviewed). CVE-2022-46399 was published Dec 20, 2022
An access issue existed with privileged API calls. This issue was addressed with additional...
Severity: High (Unreviewed). CVE-2022-42849 was published Dec 15, 2022
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
Severity: High (Unreviewed). CVE-2022-23741 was published Dec 14, 2022
Denial of service in Modem module due to improper authorization while error handling in...
Severity: High (Unreviewed). CVE-2022-25685 was published Dec 13, 2022
SENS v1.0 is vulnerable to Incorrect Access Control vulnerability.
Severity: High (Unreviewed). CVE-2022-45760 was published Dec 12, 2022
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker...
Severity: High (Unreviewed). CVE-2022-39902 was published Dec 8, 2022
Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for...
Severity: High (Unreviewed). CVE-2022-46792 was published Dec 8, 2022
Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace
Severity: High. CVE-2022-46167 was published for github.com/clastix/capsule (Go) Dec 5, 2022
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be...
Severity: High (Unreviewed). CVE-2022-37017 was published Dec 1, 2022