Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

838 advisories

Loading
Unauthorized access vulnerability in the card management module. Successful exploitation of this... High Unreviewed
CVE-2023-49239 was published Dec 6, 2023
Unauthorized access vulnerability in the card management module. Successful exploitation of this... High Unreviewed
CVE-2023-49246 was published Dec 6, 2023
Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics... High Unreviewed
CVE-2023-33071 was published Dec 5, 2023
Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication. High Unreviewed
CVE-2023-49947 was published Dec 3, 2023
IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain... High Unreviewed
CVE-2023-42006 was published Dec 1, 2023
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the... High Unreviewed
CVE-2023-5553 was published Nov 21, 2023
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 -... High Unreviewed
CVE-2022-40681 was published Nov 14, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2... High Unreviewed
CVE-2023-4379 was published Nov 9, 2023
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are... High Unreviewed
CVE-2023-46992 was published Oct 31, 2023
An issue in the component SuperUserSetuserModuleFrontController:init() of idnovate superuser... High Unreviewed
CVE-2023-45899 was published Oct 31, 2023
In Sim, there is a possible way to evade mobile preference restrictions due to a permission... High Unreviewed
CVE-2023-21390 was published Oct 30, 2023
In resetSettingsLocked of SettingsProvider.java, there is a possible lockscreen bypass due to a... High Unreviewed
CVE-2023-40117 was published Oct 27, 2023
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP... High Unreviewed
CVE-2023-46753 was published Oct 26, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2021-4334 was published Oct 20, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect... High Unreviewed
CVE-2020-36714 was published Oct 20, 2023
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise... High Unreviewed
CVE-2023-40829 was published Oct 12, 2023
Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. High Unreviewed
CVE-2023-5521 was published Oct 11, 2023
An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2... High Unreviewed
CVE-2023-36556 was published Oct 10, 2023
An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2023-44860 was published Oct 7, 2023
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions.... High Unreviewed
CVE-2022-3248 was published Oct 5, 2023
An improper access control flaw was found in Candlepin. An attacker can create data scoped under... High Unreviewed
CVE-2023-1832 was published Oct 4, 2023
Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0... High Unreviewed
CVE-2023-4997 was published Oct 4, 2023
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12... High Unreviewed
CVE-2023-5106 was published Oct 2, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could... High Unreviewed
CVE-2022-47553 was published Sep 19, 2023
Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This... High Unreviewed
CVE-2023-37881 was published Sep 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database