GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
263 advisories
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on ...
High | Unreviewed | CVE-2017-9325 was published May 24, 2022

Truncated access authentication token leads to weakened access control for stored secure...
High | Unreviewed | CVE-2018-13908 was published May 24, 2022

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
High | Unreviewed | CVE-2019-6581 was published May 24, 2022

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
High | Unreviewed | CVE-2019-6582 was published May 24, 2022

Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.
High | Unreviewed | CVE-2017-8777 was published May 24, 2022

A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches...
High | Unreviewed | CVE-2019-1859 was published May 24, 2022

** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could...
High | Unreviewed | CVE-2022-47553 was published Sep 19, 2023

GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace
High | CVE-2024-29033 was published for oauthenticator (pip) Mar 20, 2024

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest...
High | Unreviewed | CVE-2024-0077 was published Mar 28, 2024

`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user
High | CVE-2024-27916 was published for github.com/stacklok/minder (Go) Mar 5, 2024

Improper Authorization in Jenkins Core
High | CVE-2019-1003003 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining...
High | Unreviewed | CVE-2016-4029 was published May 17, 2022

Firewall configured with unanimous strategy was not actually unanimous in Symfony
High | CVE-2020-5275 was published for symfony/security (Composer) Mar 30, 2020

A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this...
High | Unreviewed | CVE-2022-4281 was published Dec 5, 2022

Moodle all messaging conversations could be viewed
High | CVE-2019-10154 was published for moodle/moodle (Composer) May 24, 2022

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107,...
High | Unreviewed | CVE-2024-21735 was published Jan 9, 2024

Magento Improper Authorization vulnerability
High | CVE-2022-34256 was published for magento/community-edition (Composer) Aug 17, 2022

The vulnerability allows an authenticated remote attacker to perform actions exceeding their...
High | Unreviewed | CVE-2023-48252 was published Jan 10, 2024

Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows...
High | Unreviewed | CVE-2023-5808 was published Dec 5, 2023

Garuda Linux performs an insecure user creation and authentication that allows any user to...
High | Unreviewed | CVE-2021-3784 was published Oct 4, 2023

SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through...
High | Unreviewed | CVE-2023-6538 was published Dec 11, 2023

An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7...
High | Unreviewed | CVE-2023-41673 was published Dec 13, 2023

Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
High | CVE-2023-48241 was published for org.xwiki.platform:xwiki-platform-search-solr-query (Maven) Nov 20, 2023

Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.
High | Unreviewed | CVE-2023-5948 was published Nov 3, 2023

A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video...
High | Unreviewed | CVE-2023-3805 was published Jul 21, 2023
ProTip! Advisories are also available from the GraphQL API.