Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

554 advisories

Loading
A vulnerability was found in subscription-manager that allows local privilege escalation due to... High Unreviewed
CVE-2023-3899 was published Aug 23, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39403 was published Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39400 was published Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39399 was published Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39401 was published Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39402 was published Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39398 was published Aug 13, 2023
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9... Moderate Unreviewed
CVE-2023-28385 was published Aug 11, 2023
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows... Moderate Unreviewed
CVE-2023-30704 was published Aug 10, 2023
Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers High
CVE-2023-3518 was published for github.com/hashicorp/consul (Go) Aug 9, 2023
anonymous4ACL24
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install... High Unreviewed
CVE-2023-4243 was published Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7... High Unreviewed
CVE-2023-37491 was published Aug 8, 2023
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-3957 was published Jul 27, 2023
Improper authorization on debug and artifact file downloads High
CVE-2023-36826 was published for sentry (pip) Jul 25, 2023
Swatinem
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-23568 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated unprivileged... Moderate Unreviewed
CVE-2023-25074 was published Jul 25, 2023
Improper privilege validation in Command Centre Server allows authenticated operators to modify... Moderate Unreviewed
CVE-2023-22428 was published Jul 25, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video... High Unreviewed
CVE-2023-3805 was published Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An... Moderate Unreviewed
CVE-2023-32482 was published Jul 20, 2023
Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller Moderate
CVE-2023-3574 was published for pimcore/customer-management-framework-bundle (Composer) Jul 10, 2023
aqngoc
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2023-1910 was published Jul 6, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below... High Unreviewed
CVE-2023-32707 was published Jul 6, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2023-32709 was published Jul 6, 2023
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as... High Unreviewed
CVE-2023-2534 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint... Moderate Unreviewed
CVE-2023-22938 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database