GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote...
Moderate
Unreviewed
CVE-2023-27384
was published
May 23, 2023
Improper access control vulnerability in the system date/time setting page of SolarView Compact...
Moderate
Unreviewed
CVE-2023-27920
was published
May 23, 2023
There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances...
Moderate
Unreviewed
CVE-2023-33254
was published
May 22, 2023
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone, or video...
Moderate
Unreviewed
CVE-2023-26818
was published
May 19, 2023
An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary...
Moderate
Unreviewed
CVE-2023-31597
was published
May 18, 2023
Sensitive information disclosure due to improper authorization. The following products are...
Moderate
Unreviewed
CVE-2023-2782
was published
May 18, 2023
In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade...
Moderate
Unreviewed
CVE-2023-21116
was published
May 16, 2023
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with...
Moderate
Unreviewed
CVE-2023-20880
was published
May 12, 2023
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before...
Moderate
Unreviewed
CVE-2023-29819
was published
May 12, 2023
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before...
Moderate
Unreviewed
CVE-2023-29818
was published
May 12, 2023
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to...
Moderate
Unreviewed
CVE-2023-28325
was published
May 12, 2023
A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command...
Moderate
Unreviewed
CVE-2023-28357
was published
May 12, 2023
Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user...
Moderate
Unreviewed
CVE-2022-43465
was published
May 10, 2023
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC...
Moderate
Unreviewed
CVE-2022-41610
was published
May 10, 2023
Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an...
Moderate
Unreviewed
CVE-2022-45128
was published
May 10, 2023
OpenSearch issue with fine-grained access control during extremely rare race conditions
Moderate
CVE-2023-31141
was published
for
org.opensearch.plugin:opensearch-security
(Maven)
May 9, 2023
On a compromised node, the fluid-csi service account can be used to modify node specs
Moderate
CVE-2023-30840
was published
for
github.com/fluid-cloudnative/fluid
(Go)
May 9, 2023
Secure Boot Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2023-24932
was published
May 9, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS...
Moderate
Unreviewed
CVE-2023-27951
was published
May 8, 2023
The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3...
Moderate
Unreviewed
CVE-2023-27954
was published
May 8, 2023
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3,...
Moderate
Unreviewed
CVE-2023-23538
was published
May 8, 2023
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users...
Moderate
Unreviewed
CVE-2022-47874
was published
May 2, 2023
Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a...
Moderate
Unreviewed
CVE-2023-30024
was published
Apr 28, 2023
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside...
Moderate
Unreviewed
CVE-2022-25091
was published
Apr 27, 2023
Access bypass in Drupal core
Moderate
CVE-2022-25274
was published
for
drupal/core
(Composer)
Apr 26, 2023