GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
251 advisories
Filter by severity
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate
Unreviewed
CVE-2024-0456
was published
Jan 26, 2024
A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this...
Moderate
Unreviewed
CVE-2022-4962
was published
Jan 13, 2024
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does...
Moderate
Unreviewed
CVE-2024-21736
was published
Jan 9, 2024
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4,...
Moderate
Unreviewed
CVE-2023-5061
was published
Dec 15, 2023
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread...
Moderate
Unreviewed
CVE-2023-50871
was published
Dec 15, 2023
Possible user mocking that bypasses basic authentication
Moderate
CVE-2023-48309
was published
for
next-auth
(npm)
Nov 20, 2023
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before...
Moderate
Unreviewed
CVE-2023-32662
was published
Nov 14, 2023
Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2...
Moderate
Unreviewed
CVE-2023-28378
was published
Nov 14, 2023
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2...
Moderate
Unreviewed
CVE-2023-36633
was published
Nov 14, 2023
Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate
CVE-2023-47037
was published
for
apache-airflow
(pip)
Nov 12, 2023
PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
Moderate
CVE-2023-47109
was published
for
prestashop/blockreassurance
(Composer)
Nov 8, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and...
Moderate
Unreviewed
CVE-2021-4335
was published
Oct 20, 2023
React Developer Tools extension Improper Authorization vulnerability
Moderate
CVE-2023-5654
was published
for
react-devtools-core
(npm)
Oct 19, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows...
Moderate
Unreviewed
CVE-2023-30736
was published
Oct 4, 2023
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2023-2233
was published
Sep 29, 2023
matrix-synapse vulnerable to improper validation of receipts allows forged read receipts
Moderate
CVE-2023-42453
was published
for
matrix-synapse
(pip)
Sep 26, 2023
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR...
Moderate
Unreviewed
CVE-2023-30714
was published
Sep 6, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12...
Moderate
Unreviewed
CVE-2023-30730
was published
Sep 6, 2023
Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local...
Moderate
Unreviewed
CVE-2023-30728
was published
Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to...
Moderate
Unreviewed
CVE-2023-30706
was published
Sep 6, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9...
Moderate
Unreviewed
CVE-2023-28385
was published
Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows...
Moderate
Unreviewed
CVE-2023-30704
was published
Aug 10, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2023-3957
was published
Jul 27, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged...
Moderate
Unreviewed
CVE-2023-23568
was published
Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged...
Moderate
Unreviewed
CVE-2023-25074
was published
Jul 25, 2023
ProTip!
Advisories are also available from the
GraphQL API