Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

731 advisories

Loading
Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful... High Unreviewed
CVE-2024-13291 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This... High Unreviewed
CVE-2024-13282 was published Jan 9, 2025
Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code... High Unreviewed
CVE-2023-25729 was published Jun 2, 2023
An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-1625 was published Apr 10, 2024
The grc-policy-propagator allows security escalation within the cluster. The propagator allows... High Unreviewed
CVE-2023-3027 was published Jun 6, 2023
An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of... High Unreviewed
CVE-2023-29766 was published Jun 9, 2023
An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows unauthorized apps to cause... High Unreviewed
CVE-2023-29752 was published Jun 9, 2023
A Mazda model (2015-2016) can be unlocked via an unspecified method. High Unreviewed
CVE-2023-32219 was published Jun 12, 2023
In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a... High Unreviewed
CVE-2023-21245 was published Jul 13, 2023
Windows Authentication Security Feature Bypass Vulnerability. High Unreviewed
CVE-2022-26913 was published May 11, 2022
Kerberos AppContainer Security Feature Bypass Vulnerability. High Unreviewed
CVE-2022-30164 was published Jun 16, 2022
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,... High Unreviewed
CVE-2022-31644 was published Jun 14, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,... High Unreviewed
CVE-2022-31646 was published Jun 14, 2023
An improper access control vulnerability exists in SimplCommerce at commit... High Unreviewed
CVE-2024-50945 was published Dec 27, 2024
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through... High Unreviewed
CVE-2024-38856 was published Aug 5, 2024
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an... High Unreviewed
CVE-2023-21270 was published Nov 19, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed
CVE-2024-37775 was published Dec 17, 2024
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that... High Unreviewed
CVE-2022-1949 was published Jun 3, 2022
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network... High Unreviewed
CVE-2023-25185 was published Jun 16, 2023
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An... High Unreviewed
CVE-2024-55579 was published Dec 9, 2024
An authorization issue was addressed with improved state management. This issue is fixed in macOS... High Unreviewed
CVE-2024-27798 was published May 14, 2024
The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful... High Unreviewed
CVE-2023-52361 was published Feb 18, 2024
A vulnerability exists where a low-privileged user can exploit insufficient permissions in... High Unreviewed
CVE-2024-45204 was published Dec 4, 2024
An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows... High Unreviewed
CVE-2023-29708 was published Jun 22, 2023
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for... High Unreviewed
CVE-2023-32353 was published Jun 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database