Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

146 advisories

Loading
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-32168 was published May 3, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight... High Unreviewed
CVE-2023-47166 was published May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating... High Unreviewed
CVE-2023-50363 was published Apr 26, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for... High Unreviewed
CVE-2023-3758 was published Apr 18, 2024
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52539 was published Apr 8, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest... High Unreviewed
CVE-2024-0077 was published Mar 28, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
Microsoft Outlook Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21402 was published Feb 13, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions... High Unreviewed
CVE-2023-40683 was published Jan 19, 2024
The vulnerability allows an authenticated remote attacker to perform actions exceeding their... High Unreviewed
CVE-2023-48252 was published Jan 10, 2024
SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107,... High Unreviewed
CVE-2024-21735 was published Jan 9, 2024
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7... High Unreviewed
CVE-2023-41673 was published Dec 13, 2023
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through... High Unreviewed
CVE-2023-6538 was published Dec 11, 2023
Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows... High Unreviewed
CVE-2023-5808 was published Dec 5, 2023
Cryptographic issue in HLOS during key management. High Unreviewed
CVE-2023-28556 was published Nov 14, 2023
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91. High Unreviewed
CVE-2023-5948 was published Nov 3, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect... High Unreviewed
CVE-2020-36714 was published Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2021-4334 was published Oct 20, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)... High Unreviewed
CVE-2023-38220 was published Oct 13, 2023
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4... High Unreviewed
CVE-2023-41841 was published Oct 10, 2023
Garuda Linux performs an insecure user creation and authentication that allows any user to... High Unreviewed
CVE-2021-3784 was published Oct 4, 2023
Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This... High Unreviewed
CVE-2023-3037 was published Oct 4, 2023
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set... High Unreviewed
CVE-2023-44123 was published Sep 27, 2023
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE... High Unreviewed
CVE-2023-44125 was published Sep 27, 2023
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client... High Unreviewed
CVE-2023-28055 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database