GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

434 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security... Moderate Unreviewed

CVE-2023-47801 was published Nov 13, 2023

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine... Moderate Unreviewed

CVE-2023-3282 was published Nov 8, 2023

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed

CVE-2023-5136 was published Nov 8, 2023

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2023-42861 was published Oct 25, 2023

An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of... Moderate Unreviewed

CVE-2023-44201 was published Oct 13, 2023

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The... Moderate Unreviewed

CVE-2023-38640 was published Oct 10, 2023

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed

CVE-2023-45369 was published Oct 9, 2023

An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1... Moderate Unreviewed

CVE-2023-45364 was published Oct 9, 2023

Broadcast permission control vulnerability in the framework module. Successful exploitation of... Moderate Unreviewed

CVE-2023-4565 was published Sep 27, 2023

Vulnerability of improper permission management in the displayengine module. Successful... Moderate Unreviewed

CVE-2023-41295 was published Sep 25, 2023

A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed

CVE-2023-32005 was published Sep 20, 2023

An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier... Moderate Unreviewed

CVE-2023-4777 was published Sep 8, 2023

Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033... Moderate Unreviewed

CVE-2023-34391 was published Aug 31, 2023

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed

CVE-2023-4228 was published Aug 24, 2023

A vulnerability in the restricted security domain implementation of Cisco Application Policy... Moderate Unreviewed

CVE-2023-20230 was published Aug 23, 2023

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to... Moderate Unreviewed

CVE-2023-20234 was published Aug 23, 2023

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed

CVE-2023-20200 was published Aug 23, 2023

An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows... Moderate Unreviewed

CVE-2023-38991 was published Aug 4, 2023

No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2023-1939 was published Jul 6, 2023

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL... Moderate Unreviewed

CVE-2023-35800 was published Jun 27, 2023

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An... Moderate Unreviewed

CVE-2023-35799 was published Jun 27, 2023

Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows... Moderate Unreviewed

CVE-2023-34797 was published Jun 15, 2023

Arbitrary file read vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate

CVE-2023-35147 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Jun 14, 2023

A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70).... Moderate Unreviewed

CVE-2023-31238 was published Jun 13, 2023

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB... Moderate Unreviewed

CVE-2023-2876 was published Jun 13, 2023

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

434 advisories