Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

581 advisories

Loading
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to... High Unreviewed
CVE-2023-2496 was published May 24, 2023
Sensitive information disclosure due to improper authorization. The following products are... Moderate Unreviewed
CVE-2023-2782 was published May 18, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Moderate Unreviewed
CVE-2022-45450 was published May 18, 2023
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20182 was published May 18, 2023
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20183 was published May 18, 2023
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20184 was published May 18, 2023
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8... Moderate Unreviewed
CVE-2023-22348 was published May 17, 2023
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to... Moderate Unreviewed
CVE-2023-28325 was published May 12, 2023
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC... Moderate Unreviewed
CVE-2022-41610 was published May 10, 2023
Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user... Moderate Unreviewed
CVE-2022-43465 was published May 10, 2023
Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an... Moderate Unreviewed
CVE-2022-45128 was published May 10, 2023
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the... Moderate Unreviewed
CVE-2023-28317 was published May 10, 2023
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of... Moderate Unreviewed
CVE-2023-28318 was published May 10, 2023
Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to... High Unreviewed
CVE-2023-21505 was published May 4, 2023
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS... Critical Unreviewed
CVE-2023-30467 was published Apr 28, 2023
A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified... Moderate Unreviewed
CVE-2023-2345 was published Apr 27, 2023
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks... High Unreviewed
CVE-2023-28973 was published Apr 18, 2023
Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication... Critical Unreviewed
CVE-2022-3748 was published Apr 14, 2023
Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all... Moderate Unreviewed
CVE-2023-1167 was published Apr 5, 2023
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows... High Unreviewed
CVE-2022-3787 was published Mar 29, 2023
The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper... Critical Unreviewed
CVE-2023-1256 was published Mar 16, 2023
A vulnerability was found in kylin-activation and classified as critical. Affected by this issue... High Unreviewed
CVE-2023-1164 was published Mar 3, 2023
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization,... High Unreviewed
CVE-2023-0822 was published Feb 17, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass... High Unreviewed
CVE-2022-34446 was published Feb 11, 2023
Because the web management interface for Unified Intents' Unified Remote solution does not itself... Critical Unreviewed
CVE-2022-3229 was published Feb 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database