GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
263 advisories
Filter by severity
Potential network policy bypass when routing IPv6 traffic
Moderate
CVE-2023-27594
was published
for
github.com/cilium/cilium
(Go)
Mar 17, 2023
Moodle may allow students to bypass sequential navigation during a quiz attempt
Moderate
CVE-2022-40208
was published
for
moodle/moodle
(Composer)
Mar 24, 2023
Publify `guest` role users can self-register even when the admin does not allow it
Moderate
CVE-2021-25973
was published
for
publify_core
(RubyGems)
Nov 3, 2021
HashiCorp Vault's PKI mount vulnerable to denial of service
Moderate
CVE-2023-0665
was published
for
github.com/hashicorp/vault
(Go)
Mar 30, 2023
Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1...
Moderate
Unreviewed
CVE-2022-36848
was published
Sep 10, 2022
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows...
Moderate
Unreviewed
CVE-2019-2386
was published
May 24, 2022
OpenFGA subject to Information Disclosure via streamed-list-objects endpoint
Moderate
CVE-2022-39340
was published
for
github.com/openfga/openfga
(Go)
Oct 25, 2022
OpenFGA Authorization Bypass via tupleset wildcard
Moderate
CVE-2022-39341
was published
for
github.com/openfga/openfga
(Go)
Oct 25, 2022
OpenFGA Authorization Bypass
Moderate
CVE-2022-39342
was published
for
github.com/openfga/openfga
(Go)
Oct 25, 2022
Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers...
Moderate
Unreviewed
CVE-2022-24002
was published
Feb 12, 2022
Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0...
Moderate
Unreviewed
CVE-2022-2675
was published
Aug 6, 2022
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess...
Moderate
Unreviewed
CVE-2022-30730
was published
Jun 8, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.
Moderate
Unreviewed
CVE-2022-0726
was published
Feb 24, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate
Unreviewed
CVE-2022-0756
was published
Mar 8, 2022
Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control...
Moderate
Unreviewed
CVE-2022-34434
was published
Oct 11, 2022
Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local...
Moderate
Unreviewed
CVE-2022-33702
was published
Jul 13, 2022
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch...
Moderate
Unreviewed
CVE-2021-25354
was published
May 24, 2022
A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension...
Moderate
Unreviewed
CVE-2022-4613
was published
Dec 19, 2022
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables...
Moderate
Unreviewed
CVE-2022-0027
was published
May 12, 2022
Symfony storing cookie headers in HttpCache
Moderate
CVE-2022-24894
was published
for
symfony/http-kernel
(Composer)
Feb 1, 2023
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows...
Moderate
Unreviewed
CVE-2022-39873
was published
Oct 7, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4811
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.
Moderate
Unreviewed
CVE-2022-0821
was published
Mar 12, 2022
Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers...
Moderate
Unreviewed
CVE-2021-41564
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API