GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
Missing Authorization in Jenkins Azure Credentials Plugin
Moderate | CVE-2023-25768 was published for org.jenkins-ci.plugins:azure-credentials (Maven) | Feb 15, 2023
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5...
Moderate | Unreviewed | CVE-2022-34397 was published | Feb 13, 2023
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023...
Moderate | Unreviewed | CVE-2023-21422 was published | Feb 9, 2023
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows...
Moderate | Unreviewed | CVE-2023-21423 was published | Feb 9, 2023
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can...
Moderate | Unreviewed | CVE-2022-45190 was published | Feb 8, 2023
Incorrect Access Control vulnerability in Modern Honey Network commit...
Moderate | Unreviewed | CVE-2021-37234 was published | Feb 3, 2023
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super...
Moderate | Unreviewed | CVE-2023-23751 was published | Feb 2, 2023
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels...
Moderate | Unreviewed | CVE-2022-45435 was published | Jan 31, 2023
An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user...
Moderate | Unreviewed | CVE-2022-40036 was published | Jan 26, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to...
Moderate | Unreviewed | CVE-2022-3740 was published | Jan 26, 2023
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2023-21719 was published | Jan 24, 2023
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series...
Moderate | Unreviewed | CVE-2023-20018 was published | Jan 20, 2023
Improper Authorization in grumpydictator/firefly-iii
Moderate | CVE-2023-0298 was published for grumpydictator/firefly-iii (Composer) | Jan 14, 2023
Keycloak has lack of validation of access token on client registrations endpoint
Moderate | CVE-2023-0091 was published for org.keycloak:keycloak-core (Maven) | Jan 12, 2023
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API...
Moderate | Unreviewed | CVE-2023-22945 was published | Jan 11, 2023
Windows Boot Manager Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2023-21560 was published | Jan 11, 2023
Inappropriate implementation in Permission prompts in Google Chrome on Android prior to 109.0...
Moderate | Unreviewed | CVE-2023-0133 was published | Jan 10, 2023
A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This...
Moderate | Unreviewed | CVE-2015-10033 was published | Jan 9, 2023
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate | Unreviewed | CVE-2022-46258 was published | Jan 9, 2023
Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit...
Moderate | Unreviewed | CVE-2022-45874 was published | Dec 28, 2022
usememos/memos Improper Authorization vulnerability
Moderate | CVE-2022-4811 was published for github.com/usememos/memos (Go) | Dec 28, 2022
An improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2,...
Moderate | Unreviewed | CVE-2022-44565 was published | Dec 23, 2022
If a user installed an extension of a particular type, the extension could have auto-updated...
Moderate | Unreviewed | CVE-2022-22754 was published | Dec 22, 2022
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as...
Moderate | Unreviewed | CVE-2022-31744 was published | Dec 22, 2022
Internal URLs are protected by a secret UUID key, which could have been leaked to web page...
Moderate | Unreviewed | CVE-2022-31746 was published | Dec 22, 2022