Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

554 advisories

Loading
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2021-4334 was published Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and... Moderate Unreviewed
CVE-2021-4335 was published Oct 20, 2023
React Developer Tools extension Improper Authorization vulnerability Moderate
CVE-2023-5654 was published for react-devtools-core (npm) Oct 19, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)... High Unreviewed
CVE-2023-38220 was published Oct 13, 2023
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4... High Unreviewed
CVE-2023-41841 was published Oct 10, 2023
Garuda Linux performs an insecure user creation and authentication that allows any user to... High Unreviewed
CVE-2021-3784 was published Oct 4, 2023
Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This... High Unreviewed
CVE-2023-3037 was published Oct 4, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows... Moderate Unreviewed
CVE-2023-30736 was published Oct 4, 2023
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2023-2233 was published Sep 29, 2023
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS... Critical Unreviewed
CVE-2023-20186 was published Sep 27, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set... High Unreviewed
CVE-2023-44123 was published Sep 27, 2023
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE... High Unreviewed
CVE-2023-44125 was published Sep 27, 2023
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to... High Unreviewed
CVE-2023-0456 was published Sep 27, 2023
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client... High Unreviewed
CVE-2023-28055 was published Sep 27, 2023
matrix-synapse vulnerable to improper validation of receipts allows forged read receipts Moderate
CVE-2023-42453 was published for matrix-synapse (pip) Sep 26, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could... High Unreviewed
CVE-2022-47553 was published Sep 19, 2023
A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki... High Unreviewed
CVE-2023-0813 was published Sep 15, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12... Moderate Unreviewed
CVE-2023-30730 was published Sep 6, 2023
Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local... Moderate Unreviewed
CVE-2023-30728 was published Sep 6, 2023
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR... Moderate Unreviewed
CVE-2023-30714 was published Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to... Moderate Unreviewed
CVE-2023-30706 was published Sep 6, 2023
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing... High Unreviewed
CVE-2023-28584 was published Sep 5, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station... High Unreviewed
CVE-2023-33019 was published Sep 5, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA... High Unreviewed
CVE-2023-33020 was published Sep 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database