GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
242 advisories
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11...
Moderate, Unreviewed. CVE-2024-3959 was published Jun 27, 2024

Evmos allows unvested token delegations
Moderate. CVE-2024-37154 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024

TYPO3 Broken Access Control in Localization Handling
Moderate. GHSA-772m-43f3-hmf8 was published for typo3/cms (Composer) Jun 7, 2024

Information Disclosure in TYPO3 Backend
Moderate. GHSA-vpr3-rc99-2wpr was published for typo3/cms (Composer) Jun 5, 2024

Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below,...
Moderate, Unreviewed. CVE-2024-23665 was published Jun 3, 2024

Magento Insufficient authorization check when adding users to company accounts
Moderate. CVE-2019-7872 was published for magento/community-edition (Composer) May 24, 2022

FOSUserBundle User Identity Validation Vulnerability
Moderate. GHSA-8wx3-8m4x-g5h4 was published for friendsofsymfony/user-bundle (Composer) May 15, 2024

Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result...
Moderate, Unreviewed. CVE-2024-31409 was published May 15, 2024

A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been...
Moderate, Unreviewed. CVE-2024-4819 was published May 14, 2024

A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application...
Moderate, Unreviewed. CVE-2023-41819 was published May 3, 2024

Moodle Email media URL tokens were not checking for user status
Moderate. CVE-2019-14883 was published for moodle/moodle (Composer) May 24, 2022

Unauthorized privilege escalation in Mod module
Moderate. CVE-2020-15278 was published for red-discordbot (pip) Oct 27, 2020

Bytebase allows low-privilege users to view admin projects
Moderate. CVE-2022-32170 was published for github.com/bytebase/bytebase (Go) Sep 29, 2022

Keycloak users may be able to remove MFA from other users' devices
Moderate. CVE-2020-10686 was published for org.keycloak:keycloak-core (Maven) May 24, 2022

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to...
Moderate, Unreviewed. CVE-2023-30948 was published Jun 6, 2023

Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC...
Moderate, Unreviewed. CVE-2022-41610 was published May 10, 2023

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform...
Moderate, Unreviewed. CVE-2023-32717 was published Jun 1, 2023

Azure Migrate Remote Code Execution Vulnerability
Moderate, Unreviewed. CVE-2024-26193 was published Apr 9, 2024

A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected...
Moderate, Unreviewed. CVE-2024-3434 was published Apr 8, 2024

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and...
Moderate, Unreviewed. CVE-2021-4335 was published Oct 20, 2023

Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows...
Moderate, Unreviewed. CVE-2023-30736 was published Oct 4, 2023

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12...
Moderate, Unreviewed. CVE-2023-30730 was published Sep 6, 2023

Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local...
Moderate, Unreviewed. CVE-2023-30728 was published Sep 6, 2023

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR...
Moderate, Unreviewed. CVE-2023-30714 was published Sep 6, 2023

Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to...
Moderate, Unreviewed. CVE-2023-30706 was published Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API.