GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,339
Erlang: 31
GitHub Actions: 22
Go: 2,099
Maven: 5,000+
npm: 3,763
NuGet: 678
pip: 3,448
Pub: 12
RubyGems: 892
Rust: 883
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
746 advisories
An incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 -...
High | Unreviewed | CVE-2022-40681 was published Nov 14, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2...
High | Unreviewed | CVE-2023-4379 was published Nov 9, 2023
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are...
High | Unreviewed | CVE-2023-46992 was published Oct 31, 2023
An issue in the component SuperUserSetuserModuleFrontController:init() of idnovate superuser...
High | Unreviewed | CVE-2023-45899 was published Oct 31, 2023
In Sim, there is a possible way to evade mobile preference restrictions due to a permission...
High | Unreviewed | CVE-2023-21390 was published Oct 30, 2023
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP...
High | Unreviewed | CVE-2023-46753 was published Oct 26, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to an incorrect...
High | Unreviewed | CVE-2020-36714 was published Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of...
High | Unreviewed | CVE-2021-4334 was published Oct 20, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)...
High | Unreviewed | CVE-2023-38218 was published Oct 13, 2023
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise...
High | Unreviewed | CVE-2023-40829 was published Oct 12, 2023
Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9.
High | Unreviewed | CVE-2023-5521 was published Oct 11, 2023
An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2...
High | Unreviewed | CVE-2023-36556 was published Oct 10, 2023
An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service...
High | Unreviewed | CVE-2023-44860 was published Oct 7, 2023
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions....
High | Unreviewed | CVE-2022-3248 was published Oct 5, 2023
An improper access control flaw was found in Candlepin. An attacker can create data scoped under...
High | Unreviewed | CVE-2023-1832 was published Oct 4, 2023
Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0...
High | Unreviewed | CVE-2023-4997 was published Oct 4, 2023
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12...
High | Unreviewed | CVE-2023-5106 was published Oct 2, 2023
** UNSUPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could...
High | Unreviewed | CVE-2022-47553 was published Sep 19, 2023
Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation. This...
High | Unreviewed | CVE-2023-37881 was published Sep 15, 2023
A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which...
High | Unreviewed | CVE-2023-4814 was published Sep 14, 2023
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress...
High | Unreviewed | CVE-2023-20191 was published Sep 13, 2023
IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a...
High | Unreviewed | CVE-2023-30995 was published Sep 8, 2023
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin,...
High | Unreviewed | CVE-2023-4019 was published Sep 4, 2023
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High | Unreviewed | CVE-2023-3899 was published Aug 23, 2023
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication...
High | Unreviewed | CVE-2023-33237 was published Aug 17, 2023
ProTip! Advisories are also available from the GraphQL API.