Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

461 advisories

Loading
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2023-20234 was published Aug 23, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed
CVE-2023-20200 was published Aug 23, 2023
The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2023-6883 was published Jan 11, 2024
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2023-6506 was published Jan 11, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular... Moderate Unreviewed
CVE-2023-41776 was published Jan 3, 2024
A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing... Moderate Unreviewed
CVE-2023-7055 was published Dec 22, 2023
The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object... Moderate Unreviewed
CVE-2020-35934 was published May 24, 2022
A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly... Moderate Unreviewed
CVE-2020-0805 was published May 24, 2022
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16985. Moderate Unreviewed
CVE-2020-16990 was published May 24, 2022
Incorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin Moderate
CVE-2022-20614 was published for org.jenkins-ci.plugins:mailer (Maven) Jan 13, 2022
westonsteimel
Incorrect Permission Assignment for Critical Resource in Jenkins Bitbucket Branch Source Plugin Moderate
CVE-2022-20618 was published for org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (Maven) Jan 13, 2022
NotMyFault westonsteimel
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS... Moderate Unreviewed
CVE-2023-42924 was published Dec 12, 2023
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak... Moderate Unreviewed
CVE-2023-25648 was published Dec 14, 2023
A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70).... Moderate Unreviewed
CVE-2023-31238 was published Jun 13, 2023
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
The FACSChorus software database can be accessed directly with the privileges of the currently... Moderate Unreviewed
CVE-2023-29065 was published Nov 28, 2023
An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security... Moderate Unreviewed
CVE-2023-47801 was published Nov 13, 2023
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2... Moderate Unreviewed
CVE-2023-36633 was published Nov 14, 2023
The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks,... Moderate Unreviewed
CVE-2023-5651 was published Nov 20, 2023
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before... Moderate Unreviewed
CVE-2022-33898 was published Nov 14, 2023
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16... Moderate Unreviewed
CVE-2023-39230 was published Nov 14, 2023
Insecure inherited permissions in the installer for some Intel Server Configuration Utility... Moderate Unreviewed
CVE-2023-34997 was published Nov 14, 2023
Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2... Moderate Unreviewed
CVE-2023-34314 was published Nov 14, 2023
xxl-job-admin vulnerable to Insecure Permissions Moderate
CVE-2023-48087 was published for com.xuxueli:xxl-job-admin (Maven) Nov 15, 2023
Incorrect permissions in Apache Ozone Moderate
CVE-2021-39235 was published for org.apache.ozone:ozone-main (Maven) Nov 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database