Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,286
Erlang
31
GitHub Actions
21
Go
2,058
Maven
5,000+
npm
3,742
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

557 advisories

Loading
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing... High Unreviewed
CVE-2023-28584 was published Sep 5, 2023
Transient DOS due to improper authorization in Modem High Unreviewed
CVE-2022-40521 was published Jun 6, 2023
Microsoft Outlook Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21402 was published Feb 13, 2024
OpenFGA Authorization Bypass High
CVE-2024-31452 was published for github.com/openfga/openfga (Go) Apr 16, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed
CVE-2024-1741 was published Apr 10, 2024
Cryptographic issue in HLOS during key management. High Unreviewed
CVE-2023-28556 was published Nov 14, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA... High Unreviewed
CVE-2023-33020 was published Sep 5, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station... High Unreviewed
CVE-2023-33019 was published Sep 5, 2023
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request... High Unreviewed
CVE-2022-40536 was published Jun 6, 2023
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to... High Unreviewed
CVE-2023-0456 was published Sep 27, 2023
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is... High Unreviewed
CVE-2018-19581 was published May 24, 2022
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization... High Unreviewed
CVE-2020-36696 was published Jun 7, 2023
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to... Moderate Unreviewed
CVE-2023-30948 was published Jun 6, 2023
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC... Moderate Unreviewed
CVE-2022-41610 was published May 10, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect... High Unreviewed
CVE-2020-36714 was published Oct 20, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform... Moderate Unreviewed
CVE-2023-32717 was published Jun 1, 2023
Azure Migrate Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-26193 was published Apr 9, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected... Moderate Unreviewed
CVE-2024-3434 was published Apr 8, 2024
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2021-4334 was published Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and... Moderate Unreviewed
CVE-2021-4335 was published Oct 20, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)... High Unreviewed
CVE-2023-38220 was published Oct 13, 2023
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4... High Unreviewed
CVE-2023-41841 was published Oct 10, 2023
Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This... High Unreviewed
CVE-2023-3037 was published Oct 4, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows... Moderate Unreviewed
CVE-2023-30736 was published Oct 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database