Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

516 advisories

Loading
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39402 was published Aug 13, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9... Moderate Unreviewed
CVE-2023-28385 was published Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows... Moderate Unreviewed
CVE-2023-30704 was published Aug 10, 2023
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install... High Unreviewed
CVE-2023-4243 was published Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7... High Unreviewed
CVE-2023-37491 was published Aug 8, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-3957 was published Jul 27, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-23568 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-25074 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated operators to modify... Moderate Unreviewed
CVE-2023-22428 was published Jul 25, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video... High Unreviewed
CVE-2023-3805 was published Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An... Moderate Unreviewed
CVE-2023-32482 was published Jul 20, 2023
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-1910 was published Jul 6, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2023-32709 was published Jul 6, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below... High Unreviewed
CVE-2023-32707 was published Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as... High Unreviewed
CVE-2023-2534 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command... Moderate Unreviewed
CVE-2023-22931 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint... Moderate Unreviewed
CVE-2023-22938 was published Jul 6, 2023
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against... High Unreviewed
CVE-2023-22610 was published Jul 6, 2023
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a... High Unreviewed
CVE-2023-25517 was published Jul 4, 2023
The affected TBox RTUs allow low privilege users to access software security tokens of higher... Moderate Unreviewed
CVE-2023-36611 was published Jul 3, 2023
An improper authorization check of local device settings in TeamViewer Remote between version 15... Moderate Unreviewed
CVE-2023-0837 was published Jun 14, 2023
An attacker with local access to the machine could record the traffic, which could allow them... Low Unreviewed
CVE-2023-24476 was published Jun 8, 2023
By changing the filename parameter in the request, an attacker could delete any file with the... High Unreviewed
CVE-2023-29152 was published Jun 8, 2023
The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing... Moderate Unreviewed
CVE-2020-36729 was published Jun 7, 2023
The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions... Moderate Unreviewed
CVE-2021-4344 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database