GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
136 advisories
Filter by severity
SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107,...
High
Unreviewed
CVE-2024-21735
was published
Jan 9, 2024
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7...
High
Unreviewed
CVE-2023-41673
was published
Dec 13, 2023
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through...
High
Unreviewed
CVE-2023-6538
was published
Dec 11, 2023
Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows...
High
Unreviewed
CVE-2023-5808
was published
Dec 5, 2023
Cryptographic issue in HLOS during key management.
High
Unreviewed
CVE-2023-28556
was published
Nov 14, 2023
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.
High
Unreviewed
CVE-2023-5948
was published
Nov 3, 2023
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect...
High
Unreviewed
CVE-2020-36714
was published
Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of...
High
Unreviewed
CVE-2021-4334
was published
Oct 20, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)...
High
Unreviewed
CVE-2023-38220
was published
Oct 13, 2023
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4...
High
Unreviewed
CVE-2023-41841
was published
Oct 10, 2023
Garuda Linux performs an insecure user creation and authentication that allows any user to...
High
Unreviewed
CVE-2021-3784
was published
Oct 4, 2023
Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This...
High
Unreviewed
CVE-2023-3037
was published
Oct 4, 2023
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE...
High
Unreviewed
CVE-2023-44125
was published
Sep 27, 2023
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set...
High
Unreviewed
CVE-2023-44123
was published
Sep 27, 2023
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to...
High
Unreviewed
CVE-2023-0456
was published
Sep 27, 2023
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client...
High
Unreviewed
CVE-2023-28055
was published
Sep 27, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could...
High
Unreviewed
CVE-2022-47553
was published
Sep 19, 2023
A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki...
High
Unreviewed
CVE-2023-0813
was published
Sep 15, 2023
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station...
High
Unreviewed
CVE-2023-33019
was published
Sep 5, 2023
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing...
High
Unreviewed
CVE-2023-28584
was published
Sep 5, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA...
High
Unreviewed
CVE-2023-33020
was published
Sep 5, 2023
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High
Unreviewed
CVE-2023-3899
was published
Aug 23, 2023
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install...
High
Unreviewed
CVE-2023-4243
was published
Aug 9, 2023
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7...
High
Unreviewed
CVE-2023-37491
was published
Aug 8, 2023
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video...
High
Unreviewed
CVE-2023-3805
was published
Jul 21, 2023
ProTip!
Advisories are also available from the
GraphQL API