GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
519 advisories
Filter by severity
A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this...
Moderate
Unreviewed
CVE-2022-4962
was published
Jan 13, 2024
The vulnerability allows an authenticated remote attacker to perform actions exceeding their...
High
Unreviewed
CVE-2023-48252
was published
Jan 10, 2024
SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107,...
High
Unreviewed
CVE-2024-21735
was published
Jan 9, 2024
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does...
Moderate
Unreviewed
CVE-2024-21736
was published
Jan 9, 2024
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4,...
Moderate
Unreviewed
CVE-2023-5061
was published
Dec 15, 2023
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread...
Moderate
Unreviewed
CVE-2023-50871
was published
Dec 15, 2023
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7...
High
Unreviewed
CVE-2023-41673
was published
Dec 13, 2023
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through...
High
Unreviewed
CVE-2023-6538
was published
Dec 11, 2023
Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows...
High
Unreviewed
CVE-2023-5808
was published
Dec 5, 2023
Possible user mocking that bypasses basic authentication
Moderate
CVE-2023-48309
was published
for
next-auth
(npm)
Nov 20, 2023
Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
High
CVE-2023-48241
was published
for
org.xwiki.platform:xwiki-platform-search-solr-query
(Maven)
Nov 20, 2023
The Gotham video-application-server service contained a race condition which would cause it to...
Low
Unreviewed
CVE-2023-30954
was published
Nov 15, 2023
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before...
Moderate
Unreviewed
CVE-2023-32662
was published
Nov 14, 2023
Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2...
Moderate
Unreviewed
CVE-2023-28378
was published
Nov 14, 2023
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2...
Moderate
Unreviewed
CVE-2023-36633
was published
Nov 14, 2023
Cryptographic issue in HLOS during key management.
High
Unreviewed
CVE-2023-28556
was published
Nov 14, 2023
Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate
CVE-2023-47037
was published
for
apache-airflow
(pip)
Nov 12, 2023
PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
Moderate
CVE-2023-47109
was published
for
prestashop/blockreassurance
(Composer)
Nov 8, 2023
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.
High
Unreviewed
CVE-2023-5948
was published
Nov 3, 2023
EisBaer Scada - CWE-285: Improper Authorization
Critical
Unreviewed
CVE-2023-42491
was published
Oct 25, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect...
High
Unreviewed
CVE-2020-36714
was published
Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of...
High
Unreviewed
CVE-2021-4334
was published
Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and...
Moderate
Unreviewed
CVE-2021-4335
was published
Oct 20, 2023
React Developer Tools extension Improper Authorization vulnerability
Moderate
CVE-2023-5654
was published
for
react-devtools-core
(npm)
Oct 19, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)...
High
Unreviewed
CVE-2023-38220
was published
Oct 13, 2023
ProTip!
Advisories are also available from the
GraphQL API