Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

498 advisories

Loading
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR... Moderate Unreviewed
CVE-2023-30714 was published Sep 6, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12... Moderate Unreviewed
CVE-2023-30730 was published Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to... Moderate Unreviewed
CVE-2023-30706 was published Sep 6, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA... High Unreviewed
CVE-2023-33020 was published Sep 5, 2023
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing... High Unreviewed
CVE-2023-28584 was published Sep 5, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station... High Unreviewed
CVE-2023-33019 was published Sep 5, 2023
A vulnerability was found in subscription-manager that allows local privilege escalation due to... High Unreviewed
CVE-2023-3899 was published Aug 23, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9... Moderate Unreviewed
CVE-2023-28385 was published Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows... Moderate Unreviewed
CVE-2023-30704 was published Aug 10, 2023
Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers High
CVE-2023-3518 was published for github.com/hashicorp/consul (Go) Aug 9, 2023
anonymous4ACL24
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install... High Unreviewed
CVE-2023-4243 was published Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7... High Unreviewed
CVE-2023-37491 was published Aug 8, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-3957 was published Jul 27, 2023
Improper authorization on debug and artifact file downloads High
CVE-2023-36826 was published for sentry (pip) Jul 25, 2023
Swatinem
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-23568 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-25074 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated operators to modify... Moderate Unreviewed
CVE-2023-22428 was published Jul 25, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video... High Unreviewed
CVE-2023-3805 was published Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An... Moderate Unreviewed
CVE-2023-32482 was published Jul 20, 2023
Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller Moderate
CVE-2023-3574 was published for pimcore/customer-management-framework-bundle (Composer) Jul 10, 2023
aqngoc
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-1910 was published Jul 6, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below... High Unreviewed
CVE-2023-32707 was published Jul 6, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2023-32709 was published Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as... High Unreviewed
CVE-2023-2534 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command... Moderate Unreviewed
CVE-2023-22931 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database