Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

191 advisories

Loading
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a... High Unreviewed
CVE-2023-25517 was published Jul 4, 2023
By changing the filename parameter in the request, an attacker could delete any file with the... High Unreviewed
CVE-2023-29152 was published Jun 8, 2023
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization... High Unreviewed
CVE-2020-36696 was published Jun 7, 2023
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request... High Unreviewed
CVE-2022-40536 was published Jun 6, 2023
Transient DOS due to improper authorization in Modem High Unreviewed
CVE-2022-40521 was published Jun 6, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to... High Unreviewed
CVE-2023-2496 was published May 24, 2023
Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to... High Unreviewed
CVE-2023-21505 was published May 4, 2023
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks... High Unreviewed
CVE-2023-28973 was published Apr 18, 2023
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows... High Unreviewed
CVE-2022-3787 was published Mar 29, 2023
A vulnerability was found in kylin-activation and classified as critical. Affected by this issue... High Unreviewed
CVE-2023-1164 was published Mar 3, 2023
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization,... High Unreviewed
CVE-2023-0822 was published Feb 17, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass... High Unreviewed
CVE-2022-34446 was published Feb 11, 2023
An improper access control vulnerability was identified in the Realtek audio driver. A local... High Unreviewed
CVE-2022-34405 was published Jan 26, 2023
The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in... High Unreviewed
CVE-2022-4701 was published Jan 10, 2023
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical... High Unreviewed
CVE-2022-4879 was published Jan 6, 2023
The application management module has a vulnerability in permission verification. Successful... High Unreviewed
CVE-2022-46312 was published Dec 20, 2022
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting... High Unreviewed
CVE-2022-2536 was published Dec 15, 2022
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension... High Unreviewed
CVE-2022-47409 was published Dec 14, 2022
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker... High Unreviewed
CVE-2022-39902 was published Dec 8, 2022
A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this... High Unreviewed
CVE-2022-4281 was published Dec 5, 2022
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1... High Unreviewed
CVE-2022-39883 was published Nov 10, 2022
A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow... High Unreviewed
CVE-2022-36453 was published Oct 25, 2022
Improper Authorization vulnerability exists in the Workplace X WebUI of the Hitachi Energy... High Unreviewed
CVE-2022-29490 was published Sep 13, 2022
Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8. High Unreviewed
CVE-2022-2901 was published Sep 7, 2022
Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged... High Unreviewed
CVE-2022-2661 was published Aug 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database