GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,526

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,938 advisories

Filter by severity

Sort by

Least recently updated

Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful... High Unreviewed

CVE-2024-13291 was published Jan 9, 2025

There is an improper authorization vulnerability in some Huawei smartphones. An attacker could... Low Unreviewed

CVE-2020-9081 was published Dec 27, 2024

Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing... Moderate Unreviewed

CVE-2024-13257 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13281 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing... Moderate Unreviewed

CVE-2024-13302 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows... Critical Unreviewed

CVE-2024-13258 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows... Critical Unreviewed

CVE-2024-13253 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This... High Unreviewed

CVE-2024-13282 was published Jan 9, 2025

Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code... High Unreviewed

CVE-2023-25729 was published Jun 2, 2023

Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13277 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue... Critical Unreviewed

CVE-2024-13278 was published Jan 9, 2025

A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html... Moderate Unreviewed

CVE-2023-23604 was published Jun 2, 2023

lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed

CVE-2024-1741 was published Apr 10, 2024

Android applications with unpatched vulnerabilities can be launched from a browser using Intents,... Moderate Unreviewed

CVE-2023-25749 was published Jun 2, 2023

Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This... Unknown Unreviewed

CVE-2024-13290 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Responsive and off-canvas menu allows Forceful... Unknown Unreviewed

CVE-2024-13266 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Content Entity Clone allows Forceful Browsing... Unknown Unreviewed

CVE-2024-13271 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue... Unknown Unreviewed

CVE-2024-13270 was published Jan 9, 2025

The WebChannel API, which is used to transport various information across processes, did not... Moderate Unreviewed

CVE-2025-0237 was published Jan 7, 2025

An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary... High Unreviewed

CVE-2024-1625 was published Apr 10, 2024

The grc-policy-propagator allows security escalation within the cluster. The propagator allows... High Unreviewed

CVE-2023-3027 was published Jun 6, 2023

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps &... Moderate Unreviewed

CVE-2024-1803 was published May 23, 2024

An issue found in FlightAware v.5.8.0 for Android allows unauthorized apps to cause a persistent... Moderate Unreviewed

CVE-2023-29759 was published Jun 9, 2023

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a... Moderate Unreviewed

CVE-2023-29758 was published Jun 9, 2023

An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of... High Unreviewed

CVE-2023-29766 was published Jun 9, 2023

Previous 1 2 3 4 5 … 77 78 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,938 advisories