Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
No permission checks for editing/deleting records with CSV import form Moderate
CVE-2023-49783 was published for silverstripe/admin (Composer) Jan 23, 2024
GuySartorelli
Credited to GuySartorelli
View permissions are bypassed for paginated lists of ORM data Moderate
CVE-2023-44401 was published for silverstripe/graphql (Composer) Jan 23, 2024
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store)... Moderate Unreviewed
CVE-2024-23675 was published Jan 22, 2024
The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when... Moderate Unreviewed
CVE-2022-0775 was published Jan 16, 2024
An improper access control vulnerability exists in GitLab Remote Development affecting all... Moderate Unreviewed
CVE-2023-6955 was published Jan 12, 2024
A logic issue was addressed with improved checks This issue is fixed in macOS Sonoma 14. A camera... Moderate Unreviewed
CVE-2023-41994 was published Jan 11, 2024
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does... Moderate Unreviewed
CVE-2024-21736 was published Jan 9, 2024
juzawebCMS Incorrect Access Control vulnerability Moderate
CVE-2023-46906 was published for juzaweb/cms (Composer) Jan 9, 2024
There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the... Moderate Unreviewed
CVE-2023-41779 was published Jan 3, 2024
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-51379 was published Dec 21, 2023
Inadequate validation of permissions when employing remote tools and macros via the context... Moderate Unreviewed
CVE-2023-7047 was published Dec 21, 2023
An attacker could create malicious requests to obtain sensitive information about the... Moderate Unreviewed
CVE-2023-50705 was published Dec 20, 2023
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass... Moderate Unreviewed
CVE-2023-6355 was published Dec 19, 2023
Tokens stored in plain text by PaaSLane Estimate Plugin Moderate
CVE-2023-50777 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023
Privilege Escalation using Spoofing Moderate
CVE-2023-49273 was published for Umbraco.CMS (NuGet) Dec 13, 2023
jerpenol
Credited to jerpenol
An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base... Moderate Unreviewed
CVE-2023-50457 was published Dec 10, 2023
Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1... Moderate Unreviewed
CVE-2023-42569 was published Dec 5, 2023
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical... Moderate Unreviewed
CVE-2023-42575 was published Dec 5, 2023
An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows... Moderate Unreviewed
CVE-2023-24047 was published Dec 5, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3... Moderate Unreviewed
CVE-2023-5995 was published Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 13.2 before 16.4.3,... Moderate Unreviewed
CVE-2023-3964 was published Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3,... Moderate Unreviewed
CVE-2023-4317 was published Dec 1, 2023
Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing... Moderate Unreviewed
CVE-2023-47827 was published Nov 30, 2023
Duplicate Advisory: Apache Superset - Elevation of Privilege Moderate
GHSA-392c-vjfv-h7wr was published for apache-superset (pip) Nov 27, 2023 withdrawn
The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when... Moderate Unreviewed
CVE-2023-5799 was published Nov 20, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database