GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
797 advisories
Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep...
Moderate | Unreviewed | CVE-2023-30713 was published Sep 6, 2023

Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows...
Moderate | Unreviewed | CVE-2023-30716 was published Sep 6, 2023

An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an...
Moderate | Unreviewed | CVE-2023-3699 was published Aug 22, 2023

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high...
Moderate | Unreviewed | CVE-2023-32490 was published Aug 16, 2023

The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2023-4293 was published Aug 12, 2023

The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up...
Moderate | Unreviewed | CVE-2023-4239 was published Aug 9, 2023

An improper privilege check in the OTRS ticket move action in the agent interface allows any as...
Moderate | Unreviewed | CVE-2023-38058 was published Jul 24, 2023

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or...
Moderate | Unreviewed | CVE-2023-2495 was published Jul 10, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate | Unreviewed | CVE-2023-29256 was published Jul 10, 2023

An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary...
Moderate | Unreviewed | CVE-2023-29240 was published Jul 6, 2023

A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to...
Moderate | Unreviewed | CVE-2023-1548 was published Jul 6, 2023

It is possible to manipulate the JWT token without the knowledge of the JWT secret and...
Moderate | Unreviewed | CVE-2021-4314 was published Jul 6, 2023

Improper privilege management vulnerability in Samsung Smart Switch for Windows Installer prior...
Moderate | Unreviewed | CVE-2023-30672 was published Jul 6, 2023

Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023...
Moderate | Unreviewed | CVE-2023-30642 was published Jul 6, 2023

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows...
Moderate | Unreviewed | CVE-2023-21513 was published Jun 28, 2023

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote...
Moderate | Unreviewed | CVE-2023-20136 was published Jun 28, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15...
Moderate | Unreviewed | CVE-2023-2485 was published Jun 7, 2023

The Funnel Builder plugin for WordPress is vulnerable to authorization bypass due to a missing...
Moderate | Unreviewed | CVE-2019-25151 was published Jun 7, 2023

Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to...
Moderate | Unreviewed | CVE-2023-2679 was published May 17, 2023

An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before...
Moderate | Unreviewed | CVE-2023-29819 was published May 12, 2023

Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in...
Moderate | Unreviewed | CVE-2023-25834 was published May 9, 2023

A valid LDAP user, under specific conditions, will default to read-only permissions when...
Moderate | Unreviewed | CVE-2023-29056 was published Apr 29, 2023

Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a...
Moderate | Unreviewed | CVE-2023-30024 was published Apr 28, 2023

Bhima version 1.27.0 allows a remote attacker to update the privileges of any account registered...
Moderate | Unreviewed | CVE-2023-0959 was published Apr 5, 2023

An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and...
Moderate | Unreviewed | CVE-2022-38378 was published Feb 16, 2023
ProTip! Advisories are also available from the GraphQL API