GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
281 advisories
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a...
Moderate | Unreviewed | CVE-2023-29751 was published Jun 9, 2023

An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent...
Moderate | Unreviewed | CVE-2023-29756 was published Jun 9, 2023

Incorrect access control in the administrative functionalities of BES--6024PB-I50H1 VideoPlayTool...
Critical | Unreviewed | CVE-2023-33443 was published Jun 8, 2023

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10...
Moderate | Unreviewed | CVE-2023-2589 was published Jun 7, 2023

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user...
Moderate | Unreviewed | CVE-2023-28164 was published Jun 2, 2023

Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab...
Moderate | Unreviewed | CVE-2023-23601 was published Jun 2, 2023

An issue in South River Technologies TitanFTP Before v2.0.1.2102 allows attackers with low-level...
High | Unreviewed | CVE-2023-27745 was published Jun 2, 2023

The Call Blocker application 6.6.3 for Android allows attackers to tamper with feature-related...
Critical | Unreviewed | CVE-2023-29728 was published May 31, 2023

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent...
High | Unreviewed | CVE-2023-29745 was published May 31, 2023

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent...
High | Unreviewed | CVE-2023-29743 was published May 31, 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker...
High | Unreviewed | CVE-2023-28349 was published May 31, 2023

Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code...
High | Unreviewed | CVE-2023-33740 was published May 31, 2023

Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated...
Moderate | Unreviewed | CVE-2023-23561 was published May 30, 2023

Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules...
High | Unreviewed | CVE-2023-30196 was published May 30, 2023

Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via...
Moderate | Unreviewed | CVE-2023-2886 was published May 25, 2023

Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation
Moderate | CVE-2023-32993 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023

Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier...
High | Unreviewed | CVE-2023-23578 was published May 10, 2023

A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of...
Moderate | Unreviewed | CVE-2023-28318 was published May 10, 2023

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3,...
Moderate | Unreviewed | CVE-2023-27962 was published May 8, 2023

This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS...
High | Unreviewed | CVE-2023-27944 was published May 8, 2023

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13...
Moderate | Unreviewed | CVE-2023-27932 was published May 8, 2023

Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated...
Moderate | Unreviewed | CVE-2023-29868 was published May 2, 2023

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker...
Moderate | Unreviewed | CVE-2023-29867 was published May 2, 2023

Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and...
Moderate | Unreviewed | CVE-2023-2445 was published May 2, 2023

code-server vulnerable to Missing Origin Validation in WebSockets
Critical | CVE-2023-26114 was published for code-server (npm) Mar 23, 2023