Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1,... Low Unreviewed
CVE-2024-23262 was published Mar 8, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions... Low Unreviewed
CVE-2023-3509 was published Feb 22, 2024
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0... Low Unreviewed
CVE-2024-20828 was published Feb 6, 2024
changedetection.io API endpoint is not secured with API token Low
CVE-2024-23329 was published for changedetection.io (pip) Jan 23, 2024
rozpuszczalny
Nautobot missing object-level permissions enforcement when running Job Buttons Low
CVE-2023-51649 was published for nautobot (pip) Dec 22, 2023
abdikanipd
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed... Low Unreviewed
CVE-2023-51380 was published Dec 21, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4... Low Unreviewed
CVE-2023-3511 was published Dec 15, 2023
Backoffice User can bypass "Publish" restriction Low
CVE-2023-48227 was published for Umbraco.CMS (NuGet) Dec 13, 2023
roie-shmuel
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3... Low Unreviewed
CVE-2023-4658 was published Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3,... Low Unreviewed
CVE-2023-3443 was published Dec 1, 2023
Mattermost Incorrect Authorization vulnerability Low
CVE-2023-5159 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 29, 2023
Mattermost Incorrect Authorization vulnerability Low
CVE-2023-5193 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 29, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17,... Low Unreviewed
CVE-2023-35990 was published Sep 27, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to... Low Unreviewed
CVE-2023-25647 was published Aug 17, 2023
Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team... Low Unreviewed
CVE-2023-3584 was published Jul 17, 2023
Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding... Low Unreviewed
CVE-2023-3613 was published Jul 17, 2023
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource Low
CVE-2023-3485 was published for go.temporal.io/server (Go) Jun 30, 2023
kiwi TCMS has possibility for user to update email address to unverified one Low
CVE-2023-30544 was published for kiwitcms (pip) Apr 24, 2023
Incorrect Authorization in Jenkins Core Low
CVE-2023-27903 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 10, 2023
westonsteimel
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper... Low Unreviewed
CVE-2023-21424 was published Feb 9, 2023
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung... Low Unreviewed
CVE-2022-39914 was published Dec 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T... Low Unreviewed
CVE-2022-39913 was published Dec 8, 2022
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local... Low Unreviewed
CVE-2022-39903 was published Dec 8, 2022
Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the... Low Unreviewed
CVE-2022-42903 was published Nov 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database