GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,791

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

293 advisories

Filter by severity

Sort by

Least recently updated

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.An... Critical Unreviewed

CVE-2020-16904 was published May 24, 2022

Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6... Critical Unreviewed

CVE-2023-5356 was published Jan 12, 2024

Openstack Keystone Incorrect Authorization vulnerability Critical

CVE-2021-3563 was published for keystone (pip) Aug 27, 2022

A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software... Critical Unreviewed

CVE-2023-20048 was published Nov 1, 2023

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed

CVE-2023-20269 was published Sep 6, 2023

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x... Critical Unreviewed

CVE-2022-30310 was published Jun 14, 2022

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web... Critical Unreviewed

CVE-2022-30308 was published Jun 14, 2022

IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read... Critical Unreviewed

CVE-2010-2548 was published Apr 21, 2022

Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created... Critical Unreviewed

CVE-2022-32294 was published Jul 12, 2022

** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-885L FW102b01... Critical Unreviewed

CVE-2023-36090 was published Jul 31, 2023

** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware... Critical Unreviewed

CVE-2023-36089 was published Jul 31, 2023

** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-859 FW105b03... Critical Unreviewed

CVE-2023-36092 was published Jul 31, 2023

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches... Critical Unreviewed

CVE-2019-1912 was published May 24, 2022

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,... Critical Unreviewed

CVE-2019-14236 was published May 24, 2022

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access... Critical Unreviewed

CVE-2019-15941 was published May 24, 2022

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue... Critical Unreviewed

CVE-2023-30771 was published Apr 17, 2023

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS... Critical Unreviewed

CVE-2023-30467 was published Apr 28, 2023

In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin... Critical Unreviewed

CVE-2023-34218 was published May 31, 2023

Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An... Critical Unreviewed

CVE-2023-28698 was published Jun 2, 2023

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at... Critical Unreviewed

CVE-2023-26258 was published Jul 3, 2023

Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed

CVE-2021-46890 was published Jul 5, 2023

Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed

CVE-2021-46891 was published Jul 5, 2023

Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the... Critical Unreviewed

CVE-2022-46080 was published Jul 6, 2023

Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact... Critical Unreviewed

CVE-2022-44039 was published Jul 6, 2023

In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an... Critical Unreviewed

CVE-2023-36994 was published Jul 7, 2023

Previous 1 2 … 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

293 advisories