GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,645
Composer 4,233
Erlang 31
GitHub Actions 20
Go 1,992
Maven 5,179
npm 3,709
NuGet 661
pip 3,346
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,947

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,040 advisories

Filter by severity

Sort by

Least recently updated

In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a... Critical Unreviewed

CVE-2023-49946 was published Dec 3, 2023

The FACSChorus software database can be accessed directly with the privileges of the currently... Moderate Unreviewed

CVE-2023-29065 was published Nov 28, 2023

The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks,... Moderate Unreviewed

CVE-2023-5651 was published Nov 20, 2023

Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in... High Unreviewed

CVE-2023-6179 was published Nov 17, 2023

Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2... Moderate Unreviewed

CVE-2023-34314 was published Nov 14, 2023

Insecure inherited permissions in the installer for some Intel Server Configuration Utility... Moderate Unreviewed

CVE-2023-34997 was published Nov 14, 2023

Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16... Moderate Unreviewed

CVE-2023-39230 was published Nov 14, 2023

Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software... Moderate Unreviewed

CVE-2022-41700 was published Nov 14, 2023

Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before... Moderate Unreviewed

CVE-2022-33898 was published Nov 14, 2023

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2... Moderate Unreviewed

CVE-2023-36633 was published Nov 14, 2023

An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security... Moderate Unreviewed

CVE-2023-47801 was published Nov 13, 2023

Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint... High Unreviewed

CVE-2023-28134 was published Nov 13, 2023

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed

CVE-2023-5136 was published Nov 8, 2023

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine... Moderate Unreviewed

CVE-2023-3282 was published Nov 8, 2023

Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect... High Unreviewed

CVE-2023-46449 was published Oct 26, 2023

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2023-42861 was published Oct 25, 2023

EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource Critical Unreviewed

CVE-2023-42489 was published Oct 25, 2023

Incorrect Permission Assignment for Critical Resource in GitHub Enterprise Server that allowed... Unknown Unreviewed

CVE-2023-23767 was published Oct 25, 2023

SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To... High Unreviewed

CVE-2023-40361 was published Oct 20, 2023

Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed

CVE-2023-34437 was published Oct 19, 2023

An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of... Moderate Unreviewed

CVE-2023-44201 was published Oct 13, 2023

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities... High Unreviewed

CVE-2023-32724 was published Oct 12, 2023

Request to LDAP is sent before user permissions are checked. Critical Unreviewed

CVE-2023-32723 was published Oct 12, 2023

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The... High Unreviewed

CVE-2023-45205 was published Oct 10, 2023

A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application... High Unreviewed

CVE-2022-30527 was published Oct 10, 2023

Previous 1 2 3 4 5 6 7 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,040 advisories