GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
498 advisories
Filter by severity
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR...
Moderate
Unreviewed
CVE-2023-30714
was published
Sep 6, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12...
Moderate
Unreviewed
CVE-2023-30730
was published
Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to...
Moderate
Unreviewed
CVE-2023-30706
was published
Sep 6, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA...
High
Unreviewed
CVE-2023-33020
was published
Sep 5, 2023
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing...
High
Unreviewed
CVE-2023-28584
was published
Sep 5, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station...
High
Unreviewed
CVE-2023-33019
was published
Sep 5, 2023
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High
Unreviewed
CVE-2023-3899
was published
Aug 23, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9...
Moderate
Unreviewed
CVE-2023-28385
was published
Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows...
Moderate
Unreviewed
CVE-2023-30704
was published
Aug 10, 2023
Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers
High
CVE-2023-3518
was published
for
github.com/hashicorp/consul
(Go)
Aug 9, 2023
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install...
High
Unreviewed
CVE-2023-4243
was published
Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7...
High
Unreviewed
CVE-2023-37491
was published
Aug 8, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2023-3957
was published
Jul 27, 2023
Improper authorization on debug and artifact file downloads
High
CVE-2023-36826
was published
for
sentry
(pip)
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged...
Moderate
Unreviewed
CVE-2023-23568
was published
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged...
Moderate
Unreviewed
CVE-2023-25074
was published
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated operators to modify...
Moderate
Unreviewed
CVE-2023-22428
was published
Jul 25, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video...
High
Unreviewed
CVE-2023-3805
was published
Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An...
Moderate
Unreviewed
CVE-2023-32482
was published
Jul 20, 2023
Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller
Moderate
CVE-2023-3574
was published
for
pimcore/customer-management-framework-bundle
(Composer)
Jul 10, 2023
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2023-1910
was published
Jul 6, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below...
High
Unreviewed
CVE-2023-32707
was published
Jul 6, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2023-32709
was published
Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as...
High
Unreviewed
CVE-2023-2534
was published
Jul 6, 2023
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command...
Moderate
Unreviewed
CVE-2023-22931
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API