GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
173 advisories
Sensitive information disclosure due to improper authorization. The following products are...
Moderate | Unreviewed | CVE-2023-2782 was published May 18, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following...
Moderate | Unreviewed | CVE-2022-45450 was published May 18, 2023
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2023-20182 was published May 18, 2023
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2023-20184 was published May 18, 2023
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2023-20183 was published May 18, 2023
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8...
Moderate | Unreviewed | CVE-2023-22348 was published May 17, 2023
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to...
Moderate | Unreviewed | CVE-2023-28325 was published May 12, 2023
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC...
Moderate | Unreviewed | CVE-2022-41610 was published May 10, 2023
Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user...
Moderate | Unreviewed | CVE-2022-43465 was published May 10, 2023
Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an...
Moderate | Unreviewed | CVE-2022-45128 was published May 10, 2023
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the...
Moderate | Unreviewed | CVE-2023-28317 was published May 10, 2023
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of...
Moderate | Unreviewed | CVE-2023-28318 was published May 10, 2023
A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified...
Moderate | Unreviewed | CVE-2023-2345 was published Apr 27, 2023
Improper Authorization in GitHub repository phpipam/phpipam prior to v1.5.1.
Moderate | Unreviewed | CVE-2023-0678 was published Feb 4, 2023
A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This...
Moderate | Unreviewed | CVE-2015-10033 was published Jan 9, 2023
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP...
Moderate | Unreviewed | CVE-2022-3187 was published Dec 22, 2022
A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension...
Moderate | Unreviewed | CVE-2022-4613 was published Dec 19, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate | Unreviewed | CVE-2022-3876 was published Dec 19, 2022
Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control...
Moderate | Unreviewed | CVE-2022-34434 was published Oct 11, 2022
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows...
Moderate | Unreviewed | CVE-2022-39873 was published Oct 7, 2022
Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1...
Moderate | Unreviewed | CVE-2022-36848 was published Sep 10, 2022
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting...
Moderate | Unreviewed | CVE-2022-2461 was published Sep 7, 2022
Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0...
Moderate | Unreviewed | CVE-2022-2675 was published Aug 6, 2022
A flaw was found in pki-core, which could allow a user to get a certificate for another user...
Moderate | Unreviewed | CVE-2022-2393 was published Jul 15, 2022
Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local...
Moderate | Unreviewed | CVE-2022-33702 was published Jul 13, 2022
ProTip! Advisories are also available from the GraphQL API.