Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

146 advisories

Loading
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to... High Unreviewed
CVE-2023-0456 was published Sep 27, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could... High Unreviewed
CVE-2022-47553 was published Sep 19, 2023
A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki... High Unreviewed
CVE-2023-0813 was published Sep 15, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA... High Unreviewed
CVE-2023-33020 was published Sep 5, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station... High Unreviewed
CVE-2023-33019 was published Sep 5, 2023
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing... High Unreviewed
CVE-2023-28584 was published Sep 5, 2023
A vulnerability was found in subscription-manager that allows local privilege escalation due to... High Unreviewed
CVE-2023-3899 was published Aug 23, 2023
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install... High Unreviewed
CVE-2023-4243 was published Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7... High Unreviewed
CVE-2023-37491 was published Aug 8, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video... High Unreviewed
CVE-2023-3805 was published Jul 21, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below... High Unreviewed
CVE-2023-32707 was published Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as... High Unreviewed
CVE-2023-2534 was published Jul 6, 2023
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against... High Unreviewed
CVE-2023-22610 was published Jul 6, 2023
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a... High Unreviewed
CVE-2023-25517 was published Jul 4, 2023
By changing the filename parameter in the request, an attacker could delete any file with the... High Unreviewed
CVE-2023-29152 was published Jun 8, 2023
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization... High Unreviewed
CVE-2020-36696 was published Jun 7, 2023
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request... High Unreviewed
CVE-2022-40536 was published Jun 6, 2023
Transient DOS due to improper authorization in Modem High Unreviewed
CVE-2022-40521 was published Jun 6, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to... High Unreviewed
CVE-2023-2496 was published May 24, 2023
Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to... High Unreviewed
CVE-2023-21505 was published May 4, 2023
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks... High Unreviewed
CVE-2023-28973 was published Apr 18, 2023
A vulnerability was found in kylin-activation and classified as critical. Affected by this issue... High Unreviewed
CVE-2023-1164 was published Mar 3, 2023
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization,... High Unreviewed
CVE-2023-0822 was published Feb 17, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass... High Unreviewed
CVE-2022-34446 was published Feb 11, 2023
An improper access control vulnerability was identified in the Realtek audio driver. A local... High Unreviewed
CVE-2022-34405 was published Jan 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database