GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files...
Moderate | Unreviewed | CVE-2023-29240 was published Jul 6, 2023

A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura...
Moderate | Unreviewed | CVE-2023-23510 was published Jul 6, 2023

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2023-0814 was published Jul 6, 2023

An improper authorization vulnerability in Darktrace mobile app (Android) prior to version 6.0.15...
Moderate | Unreviewed | CVE-2023-29656 was published Jul 6, 2023

An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through...
Moderate | Unreviewed | CVE-2023-37300 was published Jun 30, 2023

A security defect was identified in Foundry workspace-server that enabled a user to bypass an...
Moderate | Unreviewed | CVE-2023-30955 was published Jun 29, 2023

Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02...
Moderate | Unreviewed | CVE-2021-30205 was published Jun 27, 2023

AWS CDK EKS overly permissive trust policies
Moderate | CVE-2023-35165 was published for @aws-cdk/aws-eks (npm) Jun 19, 2023

Vulnerability of unauthorized access to foreground app information. Successful exploitation of...
Moderate | Unreviewed | CVE-2022-48495 was published Jun 19, 2023

Vulnerability of bypassing the default desktop security controls. Successful exploitation of this...
Moderate | Unreviewed | CVE-2022-48488 was published Jun 19, 2023

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings,...
Moderate | Unreviewed | CVE-2023-35866 was published Jun 19, 2023

Magento Open Source affected by Improper Input Validation
Moderate | CVE-2023-22248 was published for magento/community-edition (Composer) Jun 15, 2023

Magento Open Source allows Incorrect Authorization
Moderate | CVE-2023-29288 was published for magento/community-edition (Composer) Jun 15, 2023

SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of...
Moderate | Unreviewed | CVE-2023-34965 was published Jun 13, 2023

An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent...
Moderate | Unreviewed | CVE-2023-29761 was published Jun 9, 2023

An issue found in FlightAware v.5.8.0 for Android allows unauthorized apps to cause a persistent...
Moderate | Unreviewed | CVE-2023-29759 was published Jun 9, 2023

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a...
Moderate | Unreviewed | CVE-2023-29758 was published Jun 9, 2023

Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given...
Moderate | Unreviewed | CVE-2023-34958 was published Jun 8, 2023

The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a...
Moderate | Unreviewed | CVE-2021-4352 was published Jun 7, 2023

Synapse has URL deny list bypass via oEmbed and image URLs when generating previews
Moderate | CVE-2023-32683 was published for matrix-synapse (pip) Jun 6, 2023

Android applications with unpatched vulnerabilities can be launched from a browser using Intents,...
Moderate | Unreviewed | CVE-2023-25749 was published Jun 2, 2023

A duplicate SystemPrincipal object could be created when parsing a non-system html...
Moderate | Unreviewed | CVE-2023-23604 was published Jun 2, 2023

In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate...
Moderate | Unreviewed | CVE-2023-34219 was published May 31, 2023

OX App Suite before backend 7.10.6-rev37 allows authenticated users to bypass access controls ...
Moderate | Unreviewed | CVE-2023-24600 was published May 29, 2023

A vulnerability was found in the HCI sockets implementation due to a missing capability check in...
Moderate | Unreviewed | CVE-2023-2002 was published May 26, 2023