Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

80 advisories

Loading
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail... Low Unreviewed
CVE-2024-42000 was published Nov 9, 2024
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3... Low Unreviewed
CVE-2024-8974 was published Sep 27, 2024
BTS is affected by information disclosure vulnerability where mobile network operator personnel... Low Unreviewed
CVE-2023-25189 was published Sep 25, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to... Low Unreviewed
CVE-2024-44114 was published Sep 10, 2024
Incorrect Authorization vulnerability in Yassine Idrissi Maintenance & Coming Soon Redirect... Low Unreviewed
CVE-2024-43944 was published Aug 29, 2024
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within... Low Unreviewed
CVE-2024-8011 was published Aug 25, 2024
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD... Low Unreviewed
CVE-2021-26387 was published Aug 13, 2024
In affected versions of Octopus Server under certain conditions, a user with specific role... Low Unreviewed
CVE-2024-4811 was published Jul 25, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11... Low Unreviewed
CVE-2024-4011 was published Jun 27, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions... Low Unreviewed
CVE-2023-3509 was published Feb 22, 2024
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0... Low Unreviewed
CVE-2024-20828 was published Feb 6, 2024
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed... Low Unreviewed
CVE-2023-51380 was published Dec 21, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4... Low Unreviewed
CVE-2023-3511 was published Dec 15, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3... Low Unreviewed
CVE-2023-4658 was published Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3,... Low Unreviewed
CVE-2023-3443 was published Dec 1, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17,... Low Unreviewed
CVE-2023-35990 was published Sep 27, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to... Low Unreviewed
CVE-2023-25647 was published Aug 17, 2023
Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding... Low Unreviewed
CVE-2023-3613 was published Jul 17, 2023
Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team... Low Unreviewed
CVE-2023-3584 was published Jul 17, 2023
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper... Low Unreviewed
CVE-2023-21424 was published Feb 9, 2023
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung... Low Unreviewed
CVE-2022-39914 was published Dec 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T... Low Unreviewed
CVE-2022-39913 was published Dec 8, 2022
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local... Low Unreviewed
CVE-2022-39903 was published Dec 8, 2022
Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the... Low Unreviewed
CVE-2022-42903 was published Nov 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database