GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

1,337 advisories

The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls,...
Moderate | Unreviewed | CVE-2023-5509 was published Nov 20, 2023

Bypass of field access control in strapi-plugin-protected-populate
Moderate | CVE-2023-48218 was published for strapi-plugin-protected-populate (npm) Nov 20, 2023

Wago web-based management of multiple products has a vulnerability which allows an local...
Moderate | Unreviewed | CVE-2023-3379 was published Nov 20, 2023

Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4...
Moderate | Unreviewed | CVE-2023-42553 was published Nov 15, 2023

An authenticated vulnerability has been identified allowing an attacker to effectively establish...
Moderate | Unreviewed | CVE-2023-45626 was published Nov 15, 2023

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10...
Moderate | Unreviewed | CVE-2023-42541 was published Nov 14, 2023

Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate | CVE-2023-47037 was published for apache-airflow (pip) Nov 12, 2023

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the...
Moderate | Unreviewed | CVE-2023-5352 was published Nov 6, 2023

In Settings, there is a possible way to control private DNS settings from a secondary user due to...
Moderate | Unreviewed | CVE-2023-21311 was published Oct 30, 2023

The admin panel for Obl.ong before 1.1.2 allows authorization bypass because the email OTP...
Moderate | Unreviewed | CVE-2023-46754 was published Oct 26, 2023

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.1. An app...
Moderate | Unreviewed | CVE-2023-41077 was published Oct 25, 2023

Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an...
Moderate | Unreviewed | CVE-2023-43508 was published Oct 25, 2023

Fides Information Disclosure Vulnerability in Config API Endpoint
Moderate | CVE-2023-46125 was published for ethyca-fides (pip) Oct 24, 2023

Vulnerability in Oracle Java SE (component: CORBA). Supported versions that are affected are...
Moderate | Unreviewed | CVE-2023-22067 was published Oct 18, 2023

In Terminalfour before 8.3.16, misconfigured LDAP users are able to login with an invalid password.
Moderate | Unreviewed | CVE-2023-29484 was published Oct 16, 2023

Defining resource name as integer may give unintended access in vantage6
Moderate | CVE-2023-28635 was published for vantage6 (pip) Oct 13, 2023

Magento Open Source allows Incorrect Authorization
Moderate | CVE-2023-38218 was published for magento/community-edition (Composer) Oct 13, 2023

In TBD of TBD, there is a possible way to access location information due to a permissions bypass...
Moderate | Unreviewed | CVE-2023-35653 was published Oct 11, 2023

Mattermost Incorrect Authorization vulnerability
Moderate | CVE-2023-5195 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 29, 2023

Mattermost Incorrect Authorization vulnerability
Moderate | CVE-2023-5194 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 29, 2023

An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8,...
Moderate | Unreviewed | CVE-2023-3979 was published Sep 29, 2023

An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,...
Moderate | Unreviewed | CVE-2023-3920 was published Sep 29, 2023

An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions...
Moderate | Unreviewed | CVE-2023-5198 was published Sep 29, 2023

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
Moderate | Unreviewed | CVE-2023-4532 was published Sep 29, 2023

An authorization issue was addressed with improved state management. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2023-41078 was published Sep 27, 2023