Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
An attacker with local access to the machine could record the traffic, which could allow them... Low Unreviewed
CVE-2023-24476 was published Jun 8, 2023
A CWE-285: Improper Authorization vulnerability exists that could cause unauthorized access to... Low Unreviewed
CVE-2022-4062 was published Feb 1, 2023
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows... Low Unreviewed
CVE-2022-39879 was published Nov 10, 2022
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical... Low Unreviewed
CVE-2022-36876 was published Sep 10, 2022
Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local... Low Unreviewed
CVE-2022-36852 was published Sep 10, 2022
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows... Low Unreviewed
CVE-2022-36857 was published Sep 10, 2022
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access... Low Unreviewed
CVE-2022-33705 was published Jul 13, 2022
Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain... Low Unreviewed
CVE-2022-30757 was published Jul 13, 2022
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is... Low Unreviewed
CVE-2021-28626 was published May 24, 2022
Magento 2 Community Edition vulnerable to Improper Authorization Low
CVE-2020-24404 was published for magento/community-edition (Composer) May 24, 2022
Magento incorrect user permissions vulnerability within the Inventory component Low
CVE-2020-24403 was published for magento/community-edition (Composer) May 24, 2022
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). Low Unreviewed
CVE-2018-20927 was published May 24, 2022
Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and... Low Unreviewed
CVE-2017-0895 was published May 13, 2022
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to... Low Unreviewed
CVE-2022-22272 was published Jan 11, 2022
Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client` Low
GHSA-prqf-xr2j-xf65 was published for github.com/argoproj/argo-workflows/v3 (Go) Aug 23, 2021
Authorization Bypass in graphql-shield Low
GHSA-hx78-272p-mqqh was published for graphql-shield (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database