Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker... High Unreviewed
CVE-2023-28349 was published May 31, 2023
An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent... High Unreviewed
CVE-2023-29743 was published May 31, 2023
An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent... High Unreviewed
CVE-2023-29745 was published May 31, 2023
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code... High Unreviewed
CVE-2023-33740 was published May 31, 2023
Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules... High Unreviewed
CVE-2023-30196 was published May 30, 2023
Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier... High Unreviewed
CVE-2023-23578 was published May 10, 2023
This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS... High Unreviewed
CVE-2023-27944 was published May 8, 2023
Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. High Unreviewed
CVE-2021-33959 was published Jan 18, 2023
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking... High Unreviewed
CVE-2022-42927 was published Dec 22, 2022
Phoenix before 1.6.14 mishandles check_origin wildcarding High
CVE-2022-42975 was published for phoenix (Erlang) Oct 17, 2022
maennchen
An origin validation error vulnerability in Trend Micro Apex One agents could allow a local... High Unreviewed
CVE-2022-41749 was published Oct 11, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey... High Unreviewed
CVE-2022-22637 was published Sep 25, 2022
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause... High Unreviewed
CVE-2022-26137 was published Jul 21, 2022
Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and... High Unreviewed
CVE-2022-23763 was published Jun 29, 2022
Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar... High Unreviewed
CVE-2020-27969 was published May 24, 2022
In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. High Unreviewed
CVE-2021-39270 was published May 24, 2022
The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server ... High Unreviewed
CVE-2021-31718 was published May 24, 2022
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the... High Unreviewed
CVE-2020-35556 was published May 24, 2022
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write... High Unreviewed
CVE-2021-27197 was published May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused... High Unreviewed
CVE-2020-4881 was published May 24, 2022
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the... High Unreviewed
CVE-2020-6881 was published May 24, 2022
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7... High Unreviewed
CVE-2020-3864 was published May 24, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and... High Unreviewed
CVE-2020-9903 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-16952 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-16951 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database