Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions... Low Unreviewed
CVE-2022-2456 was published Aug 6, 2022
An issue has been discovered in GitLab EE affecting all versions before 15.0.5, all versions... Low Unreviewed
CVE-2022-2459 was published Aug 6, 2022
Byobu user preference to prevent private discussions being started are not respected Low
CVE-2022-35921 was published for fof/byobu (Composer) Aug 6, 2022
In Settings, there is a possible way for an application without permissions to read content of... Low Unreviewed
CVE-2022-20321 was published Aug 13, 2022
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may... Low Unreviewed
CVE-2021-23188 was published Aug 19, 2022
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment... Low Unreviewed
CVE-2022-36117 was published Aug 26, 2022
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows... Low Unreviewed
CVE-2022-36857 was published Sep 10, 2022
Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local... Low Unreviewed
CVE-2022-36852 was published Sep 10, 2022
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical... Low Unreviewed
CVE-2022-36876 was published Sep 10, 2022
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and... Low Unreviewed
CVE-2022-3582 was published Oct 18, 2022
Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the... Low Unreviewed
CVE-2022-42903 was published Nov 18, 2022
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local... Low Unreviewed
CVE-2022-39903 was published Dec 8, 2022
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung... Low Unreviewed
CVE-2022-39914 was published Dec 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T... Low Unreviewed
CVE-2022-39913 was published Dec 8, 2022
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper... Low Unreviewed
CVE-2023-21424 was published Feb 9, 2023
Incorrect Authorization in Jenkins Core Low
CVE-2023-27903 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 10, 2023
westonsteimel
kiwi TCMS has possibility for user to update email address to unverified one Low
CVE-2023-30544 was published for kiwitcms (pip) Apr 24, 2023
Synapse has URL deny list bypass via oEmbed and image URLs when generating previews Low
CVE-2023-32683 was published for matrix-synapse (pip) Jun 6, 2023
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource Low
CVE-2023-3485 was published for go.temporal.io/server (Go) Jun 30, 2023
Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team... Low Unreviewed
CVE-2023-3584 was published Jul 17, 2023
Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding... Low Unreviewed
CVE-2023-3613 was published Jul 17, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to... Low Unreviewed
CVE-2023-25647 was published Aug 17, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
Mattermost Incorrect Authorization vulnerability Low
CVE-2023-5193 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 29, 2023
Mattermost Incorrect Authorization vulnerability Low
CVE-2023-5159 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 29, 2023
ProTip! Advisories are also available from the GraphQL API