GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
554 advisories
Filter by severity
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization,...
High
Unreviewed
CVE-2023-0822
was published
Feb 17, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass...
High
Unreviewed
CVE-2022-34446
was published
Feb 11, 2023
Improper Authorization in GitHub repository phpipam/phpipam prior to v1.5.1.
Moderate
Unreviewed
CVE-2023-0678
was published
Feb 4, 2023
wallabag contains Improper Authorization via export feature
Moderate
CVE-2023-0609
was published
for
wallabag/wallabag
(Composer)
Feb 2, 2023
Symfony storing cookie headers in HttpCache
Moderate
CVE-2022-24894
was published
for
symfony/http-kernel
(Composer)
Feb 1, 2023
Withdrawn: wallabag subject to Improper Authorization via annotations
Moderate
GHSA-xrw3-wqph-3fxg
was published
for
wallabag/wallabag
(Composer)
Feb 1, 2023
•
withdrawn
Withdrawn: wallabag subject to Improper Authorization
Moderate
GHSA-h45f-rjvw-2rv2
was published
for
wallabag/wallabag
(Composer)
Feb 1, 2023
•
withdrawn
A CWE-285: Improper Authorization vulnerability exists that could cause unauthorized access to...
Low
Unreviewed
CVE-2022-4062
was published
Feb 1, 2023
An improper access control vulnerability was identified in the Realtek audio driver. A local...
High
Unreviewed
CVE-2022-34405
was published
Jan 26, 2023
Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
High
CVE-2022-21953
was published
for
github.com/rancher/rancher
(Go)
Jan 25, 2023
Improper Authorization in grumpydictator/firefly-iii
Moderate
CVE-2023-0298
was published
for
grumpydictator/firefly-iii
(Composer)
Jan 14, 2023
The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in...
High
Unreviewed
CVE-2022-4701
was published
Jan 10, 2023
KubeOperator allows unauthorized access to system API
High
CVE-2023-22480
was published
for
github.com/KubeOperator/KubeOperator
(Go)
Jan 9, 2023
A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This...
Moderate
Unreviewed
CVE-2015-10033
was published
Jan 9, 2023
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical...
High
Unreviewed
CVE-2022-4879
was published
Jan 6, 2023
Froxlor Improper Authorization vulnerability
Moderate
CVE-2022-4868
was published
for
froxlor/froxlor
(Composer)
Dec 31, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4811
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4798
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos vulnerable to Improper Authorization
Moderate
CVE-2022-4802
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4804
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos vulnerable to improper authorization
High
CVE-2022-4688
was published
for
github.com/usememos/memos
(Go)
Dec 23, 2022
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP...
Moderate
Unreviewed
CVE-2022-3187
was published
Dec 22, 2022
OpenFGA Authorization Bypass
High
CVE-2022-23542
was published
for
github.com/openfga/openfga
(Go)
Dec 20, 2022
A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension...
Moderate
Unreviewed
CVE-2022-4613
was published
Dec 19, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate
Unreviewed
CVE-2022-3876
was published
Dec 19, 2022
ProTip!
Advisories are also available from the
GraphQL API