Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

75 advisories

Loading
Answer Missing Authorization vulnerability Low
CVE-2023-2590 was published for github.com/answerdev/answer (Go) May 9, 2023
Froxlor vulnerable to business logic errors Low
CVE-2023-4304 was published for froxlor/froxlor (Composer) Aug 11, 2023
Mattermost fails to correctly delete attachments Low
CVE-2023-4105 was published for github.com/mattermost/mattermost-server/v6 (Go) Aug 11, 2023
Silverstripe Framework: Members with no password can be created and bypass custom login forms Low
CVE-2023-32302 was published for silverstripe/framework (Composer) Jul 31, 2023
sabina-talipova bimthebam
maxime-rainville
Sensitive information disclosure due to missing authorization. The following products are... Low Unreviewed
CVE-2023-45245 was published Oct 6, 2023
Sensitive information disclosure due to missing authorization. The following products are... Low Unreviewed
CVE-2023-41750 was published Aug 31, 2023
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3... Low Unreviewed
CVE-2022-33733 was published Aug 6, 2022
Renderers can obtain access to random bluetooth device without permission in Electron Low
CVE-2022-21718 was published for electron (npm) Mar 22, 2022
PalmerAL
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1... Low Unreviewed
CVE-2022-36856 was published Sep 10, 2022
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local... Low Unreviewed
CVE-2021-25519 was published Dec 9, 2021
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows... Low Unreviewed
CVE-2022-39879 was published Nov 10, 2022
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query... Low Unreviewed
CVE-2023-27462 was published Mar 14, 2023
Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi... Low Unreviewed
CVE-2023-21450 was published Feb 9, 2023
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has... Low Unreviewed
CVE-2021-25075 was published Feb 22, 2022
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the... Low Unreviewed
CVE-2021-25014 was published Feb 15, 2022
Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows... Low Unreviewed
CVE-2022-39861 was published Oct 7, 2022
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create... Low Unreviewed
CVE-2017-5985 was published May 13, 2022
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding... Low Unreviewed
CVE-2017-17807 was published May 13, 2022
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins... Low Unreviewed
CVE-2017-5930 was published May 13, 2022
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the... Low Unreviewed
CVE-2022-20446 was published Nov 9, 2022
An authorization issue was addressed with improved state management. This issue is fixed in iOS... Low Unreviewed
CVE-2022-26703 was published May 27, 2022
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve... Low Unreviewed
CVE-2020-13523 was published May 24, 2022
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable... Low Unreviewed
CVE-2022-20537 was published Dec 21, 2022
In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY... Low Unreviewed
CVE-2022-20536 was published Dec 21, 2022
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a... Low Unreviewed
CVE-2021-26988 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database