GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
63 advisories
Filter by severity
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11...
Low
Unreviewed
CVE-2024-4011
was published
Jun 27, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions...
Low
Unreviewed
CVE-2023-3509
was published
Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4...
Low
Unreviewed
CVE-2023-3511
was published
Dec 15, 2023
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and...
Low
Unreviewed
CVE-2023-47536
was published
Dec 13, 2023
Mattermost fails to validate team membership when a user attempts to access a playbook, allowing...
Low
Unreviewed
CVE-2023-6547
was published
Dec 12, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3...
Low
Unreviewed
CVE-2023-4658
was published
Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3,...
Low
Unreviewed
CVE-2023-3443
was published
Dec 1, 2023
Improper access control in the Intel Smart Campus android application before version 9.4 may...
Low
Unreviewed
CVE-2023-38411
was published
Nov 14, 2023
Improper access control for some Intel Unison software may allow a privileged user to potentially...
Low
Unreviewed
CVE-2022-41659
was published
Nov 14, 2023
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of...
Low
Unreviewed
CVE-2023-5543
was published
Nov 10, 2023
An authorization issue affecting GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4...
Low
Unreviewed
CVE-2023-4700
was published
Nov 6, 2023
Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker...
Low
Unreviewed
CVE-2023-30732
was published
Oct 4, 2023
Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers...
Low
Unreviewed
CVE-2023-30715
was published
Sep 6, 2023
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230816. It...
Low
Unreviewed
CVE-2023-4546
was published
Aug 26, 2023
Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call...
Low
Unreviewed
CVE-2023-30682
was published
Aug 10, 2023
Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local...
Low
Unreviewed
CVE-2023-30685
was published
Aug 10, 2023
Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call...
Low
Unreviewed
CVE-2023-30683
was published
Aug 10, 2023
Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers...
Low
Unreviewed
CVE-2023-30684
was published
Aug 10, 2023
Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker...
Low
Unreviewed
CVE-2023-30667
was published
Jul 6, 2023
Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1...
Low
Unreviewed
CVE-2023-30640
was published
Jul 6, 2023
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022...
Low
Unreviewed
CVE-2022-39887
was published
Nov 10, 2022
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to...
Low
Unreviewed
CVE-2022-39860
was published
Oct 7, 2022
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1...
Low
Unreviewed
CVE-2022-36856
was published
Sep 10, 2022
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical...
Low
Unreviewed
CVE-2022-33720
was published
Aug 6, 2022
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22,...
Low
Unreviewed
CVE-2022-36832
was published
Aug 6, 2022
ProTip!
Advisories are also available from the
GraphQL API