GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 39; GitHub Actions 38; Go 2,636; Maven 5,000+; npm 4,262; NuGet 760; pip 4,057; Pub 12; RubyGems 956; Rust 1,054; Swift 45
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
516 advisories
A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified...
Moderate | Unreviewed | CVE-2023-2345 was published Apr 27, 2023
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks...
High | Unreviewed | CVE-2023-28973 was published Apr 18, 2023
Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication...
Critical | Unreviewed | CVE-2022-3748 was published Apr 14, 2023
Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all...
Moderate | Unreviewed | CVE-2023-1167 was published Apr 5, 2023
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows...
High | Unreviewed | CVE-2022-3787 was published Mar 29, 2023
The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper...
Critical | Unreviewed | CVE-2023-1256 was published Mar 16, 2023
A vulnerability was found in kylin-activation and classified as critical. Affected by this issue...
High | Unreviewed | CVE-2023-1164 was published Mar 3, 2023
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization,...
High | Unreviewed | CVE-2023-0822 was published Feb 17, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass...
High | Unreviewed | CVE-2022-34446 was published Feb 11, 2023
Because the web management interface for Unified Intents' Unified Remote solution does not itself...
Critical | Unreviewed | CVE-2022-3229 was published Feb 7, 2023
Improper Authorization in GitHub repository phpipam/phpipam prior to v1.5.1.
Moderate | Unreviewed | CVE-2023-0678 was published Feb 4, 2023
A CWE-285: Improper Authorization vulnerability exists that could cause unauthorized access to...
Low | Unreviewed | CVE-2022-4062 was published Feb 1, 2023
An improper access control vulnerability was identified in the Realtek audio driver. A local...
High | Unreviewed | CVE-2022-34405 was published Jan 26, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to...
Moderate | Unreviewed | CVE-2022-3740 was published Jan 26, 2023
The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in...
High | Unreviewed | CVE-2022-4701 was published Jan 10, 2023
A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This...
Moderate | Unreviewed | CVE-2015-10033 was published Jan 9, 2023
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical...
High | Unreviewed | CVE-2022-4879 was published Jan 6, 2023
Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit...
Moderate | Unreviewed | CVE-2022-45874 was published Dec 28, 2022
The parent process would not properly check whether the Speech Synthesis feature is enabled, when...
Moderate | Unreviewed | CVE-2022-29913 was published Dec 22, 2022
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP...
Moderate | Unreviewed | CVE-2022-3187 was published Dec 22, 2022
The application management module has a vulnerability in permission verification. Successful...
High | Unreviewed | CVE-2022-46312 was published Dec 20, 2022
A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension...
Moderate | Unreviewed | CVE-2022-4613 was published Dec 19, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate | Unreviewed | CVE-2022-3876 was published Dec 19, 2022
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting...
High | Unreviewed | CVE-2022-2536 was published Dec 15, 2022
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension...
High | Unreviewed | CVE-2022-47409 was published Dec 14, 2022
ProTip! Advisories are also available from the GraphQL API.