Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

67 advisories

Loading
Cash Operations does not perform necessary authorization check for an authenticated user,... Low Unreviewed
CVE-2024-47587 was published Nov 12, 2024
The issue was addressed by restricting options offered on a locked device. This issue is fixed in... Low Unreviewed
CVE-2024-44265 was published Oct 28, 2024
An authorization issue affecting GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4... Low Unreviewed
CVE-2023-4700 was published Nov 6, 2023
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a... Low Unreviewed
CVE-2024-8350 was published Sep 25, 2024
An authenticated attacker with high privilege can use functions of SLCM transactions to which... Low Unreviewed
CVE-2024-45284 was published Sep 10, 2024
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform... Low Unreviewed
CVE-2024-41728 was published Sep 10, 2024
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing... Low Unreviewed
CVE-2024-8042 was published Sep 9, 2024
'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and... Low Unreviewed
CVE-2024-41918 was published Aug 29, 2024
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. Low Unreviewed
CVE-2024-30512 was published Jun 9, 2024
Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf allows Functionality... Low Unreviewed
CVE-2023-27437 was published Jun 4, 2024
SAP Bank Account Management does not perform necessary authorization check for an authorized user... Low Unreviewed
CVE-2024-33000 was published May 14, 2024
Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an... Low Unreviewed
CVE-2024-4317 was published May 14, 2024
BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-35001 was published May 8, 2024
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker:... Low Unreviewed
CVE-2023-23985 was published Apr 24, 2024
The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any... Low Unreviewed
CVE-2023-42469 was published Sep 13, 2023
Mattermost fails to properly show information in the UI, allowing a system admin to modify a... Low Unreviewed
CVE-2023-3587 was published Jul 17, 2023
In music service, there is a missing permission check. This could lead to local information... Low Unreviewed
CVE-2023-33880 was published Jul 12, 2023
In music service, there is a missing permission check. This could lead to local information... Low Unreviewed
CVE-2023-33879 was published Jul 12, 2023
In mnld, there is a possible leak of GPS location due to a missing permission check. This could... Low Unreviewed
CVE-2023-20726 was published May 16, 2023
In FingerprintService, there is a possible bypass for operating system protections that isolate... Low Unreviewed
CVE-2019-9377 was published May 24, 2022
In SyncStatusObserver, there is a possible bypass for operating system protections that isolate... Low Unreviewed
CVE-2019-9351 was published May 24, 2022
In cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user... Low Unreviewed
CVE-2023-22836 was published Jan 29, 2024
Gallery3d on Tecno Camon X CA7 devices allows attackers to view hidden images by navigating to... Low Unreviewed
CVE-2023-52275 was published Dec 31, 2023
An information disclosure vulnerability exists when Windows Mobile Device Management (MDM)... Low Unreviewed
CVE-2020-0989 was published May 24, 2022
Missing Authorization vulnerability in Anders Thorborg.This issue affects Anders Thorborg: from n... Low Unreviewed
CVE-2023-22676 was published Dec 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database