Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

242 advisories

Loading
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11... Moderate Unreviewed
CVE-2024-3959 was published Jun 27, 2024
Evmos allows unvested token delegations Moderate
CVE-2024-37154 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024
TYPO3 Broken Access Control in Localization Handling Moderate
GHSA-772m-43f3-hmf8 was published for typo3/cms (Composer) Jun 7, 2024
Information Disclosure in TYPO3 Backend Moderate
GHSA-vpr3-rc99-2wpr was published for typo3/cms (Composer) Jun 5, 2024
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below,... Moderate Unreviewed
CVE-2024-23665 was published Jun 3, 2024
Magento Insufficient authorization check when adding users to company accounts Moderate
CVE-2019-7872 was published for magento/community-edition (Composer) May 24, 2022
FOSUserBundle User Identity Validation Vulnerability Moderate
GHSA-8wx3-8m4x-g5h4 was published for friendsofsymfony/user-bundle (Composer) May 15, 2024
Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result... Moderate Unreviewed
CVE-2024-31409 was published May 15, 2024
A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-4819 was published May 14, 2024
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application... Moderate Unreviewed
CVE-2023-41819 was published May 3, 2024
Moodle Email media URL tokens were not checking for user status Moderate
CVE-2019-14883 was published for moodle/moodle (Composer) May 24, 2022
Unauthorized privilege escalation in Mod module Moderate
CVE-2020-15278 was published for red-discordbot (pip) Oct 27, 2020
Jackenmen
Bytebase allows low-privilege users to view admin projects Moderate
CVE-2022-32170 was published for github.com/bytebase/bytebase (Go) Sep 29, 2022
Keycloak users may be able to remove MFA from other users' devices Moderate
CVE-2020-10686 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to... Moderate Unreviewed
CVE-2023-30948 was published Jun 6, 2023
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC... Moderate Unreviewed
CVE-2022-41610 was published May 10, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform... Moderate Unreviewed
CVE-2023-32717 was published Jun 1, 2023
Azure Migrate Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-26193 was published Apr 9, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected... Moderate Unreviewed
CVE-2024-3434 was published Apr 8, 2024
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and... Moderate Unreviewed
CVE-2021-4335 was published Oct 20, 2023
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows... Moderate Unreviewed
CVE-2023-30736 was published Oct 4, 2023
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12... Moderate Unreviewed
CVE-2023-30730 was published Sep 6, 2023
Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local... Moderate Unreviewed
CVE-2023-30728 was published Sep 6, 2023
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR... Moderate Unreviewed
CVE-2023-30714 was published Sep 6, 2023
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to... Moderate Unreviewed
CVE-2023-30706 was published Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database