Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

987 advisories

Loading
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high... Moderate Unreviewed
CVE-2023-32490 was published Aug 16, 2023
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2023-4293 was published Aug 12, 2023
The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up... Moderate Unreviewed
CVE-2023-4239 was published Aug 9, 2023
Ineffective privileges drop when requesting container network Moderate
CVE-2023-38496 was published for github.com/apptainer/apptainer (Go) Jul 25, 2023
An improper privilege check in the OTRS ticket move action in the agent interface allows any as... Moderate Unreviewed
CVE-2023-38058 was published Jul 24, 2023
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2023-38187 was published Jul 21, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2023-29256 was published Jul 10, 2023
The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or... Moderate Unreviewed
CVE-2023-2495 was published Jul 10, 2023
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files... Moderate Unreviewed
CVE-2023-29240 was published Jul 6, 2023
A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to... Moderate Unreviewed
CVE-2023-1548 was published Jul 6, 2023
It is possible to manipulate the JWT token without the knowledge of the JWT secret and... Moderate Unreviewed
CVE-2021-4314 was published Jul 6, 2023
Improper privilege management vulnerability in Samsung Smart Switch for Windows Installer prior... Moderate Unreviewed
CVE-2023-30672 was published Jul 6, 2023
Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023... Moderate Unreviewed
CVE-2023-30642 was published Jul 6, 2023
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-21513 was published Jun 28, 2023
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20136 was published Jun 28, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15... Moderate Unreviewed
CVE-2023-2485 was published Jun 7, 2023
The Funnel Builder plugin for WordPress is vulnerable to authorization bypass due to a missing... Moderate Unreviewed
CVE-2019-25151 was published Jun 7, 2023
Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to... Moderate Unreviewed
CVE-2023-2679 was published May 17, 2023
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before... Moderate Unreviewed
CVE-2023-29819 was published May 12, 2023
Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in... Moderate Unreviewed
CVE-2023-25834 was published May 9, 2023
A valid LDAP user, under specific conditions, will default to read-only permissions when... Moderate Unreviewed
CVE-2023-29056 was published Apr 29, 2023
Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a... Moderate Unreviewed
CVE-2023-30024 was published Apr 28, 2023
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2023-28261 was published Apr 27, 2023
A potential risk in clusternet which can be leveraged to make a cluster-level privilege escalation Moderate
CVE-2023-30622 was published for github.com/clusternet/clusternet (Go) Apr 21, 2023
younaman dixudx
lmxia
Credited to younaman, dixudx, and lmxia
In adsp, there is a possible out of bounds write due to improper input validation. This could... Moderate Unreviewed
CVE-2023-20680 was published Apr 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database