Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

251 advisories

Loading
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7... Moderate Unreviewed
CVE-2024-0456 was published Jan 26, 2024
A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2022-4962 was published Jan 13, 2024
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does... Moderate Unreviewed
CVE-2024-21736 was published Jan 9, 2024
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4,... Moderate Unreviewed
CVE-2023-5061 was published Dec 15, 2023
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread... Moderate Unreviewed
CVE-2023-50871 was published Dec 15, 2023
Possible user mocking that bypasses basic authentication Moderate
CVE-2023-48309 was published for next-auth (npm) Nov 20, 2023
securing dastaj
magnunm balazsorban44 ThangHuuVu
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before... Moderate Unreviewed
CVE-2023-32662 was published Nov 14, 2023
Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2... Moderate Unreviewed
CVE-2023-28378 was published Nov 14, 2023
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2... Moderate Unreviewed
CVE-2023-36633 was published Nov 14, 2023
Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes Moderate
CVE-2023-47037 was published for apache-airflow (pip) Nov 12, 2023
r3kumar sunSUNQ
PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block Moderate
CVE-2023-47109 was published for prestashop/blockreassurance (Composer) Nov 8, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and... Moderate Unreviewed
CVE-2021-4335 was published Oct 20, 2023
React Developer Tools extension Improper Authorization vulnerability Moderate
CVE-2023-5654 was published for react-devtools-core (npm) Oct 19, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows... Moderate Unreviewed
CVE-2023-30736 was published Oct 4, 2023
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2023-2233 was published Sep 29, 2023
matrix-synapse vulnerable to improper validation of receipts allows forged read receipts Moderate
CVE-2023-42453 was published for matrix-synapse (pip) Sep 26, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12... Moderate Unreviewed
CVE-2023-30730 was published Sep 6, 2023
Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local... Moderate Unreviewed
CVE-2023-30728 was published Sep 6, 2023
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR... Moderate Unreviewed
CVE-2023-30714 was published Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to... Moderate Unreviewed
CVE-2023-30706 was published Sep 6, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9... Moderate Unreviewed
CVE-2023-28385 was published Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows... Moderate Unreviewed
CVE-2023-30704 was published Aug 10, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-3957 was published Jul 27, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-23568 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-25074 was published Jul 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database