GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
98 advisories
Filter by severity
Moodle's user/power level management inconsistent with suspended users
Low
CVE-2024-43433
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail...
Low
Unreviewed
CVE-2024-42000
was published
Nov 9, 2024
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API
Low
CVE-2024-48925
was published
for
Umbraco.CMS
(NuGet)
Oct 22, 2024
Information Disclosure in TYPO3 Page Tree
Low
CVE-2024-47780
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3...
Low
Unreviewed
CVE-2024-8974
was published
Sep 27, 2024
BTS is affected by information disclosure vulnerability where mobile network operator personnel...
Low
Unreviewed
CVE-2023-25189
was published
Sep 25, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to...
Low
Unreviewed
CVE-2024-44114
was published
Sep 10, 2024
Incorrect Authorization vulnerability in Yassine Idrissi Maintenance & Coming Soon Redirect...
Low
Unreviewed
CVE-2024-43944
was published
Aug 29, 2024
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within...
Low
Unreviewed
CVE-2024-8011
was published
Aug 25, 2024
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD...
Low
Unreviewed
CVE-2021-26387
was published
Aug 13, 2024
In affected versions of Octopus Server under certain conditions, a user with specific role...
Low
Unreviewed
CVE-2024-4811
was published
Jul 25, 2024
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services
Low
CVE-2024-39324
was published
for
aimeos/ai-admin-graphql
(Composer)
Jul 2, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11...
Low
Unreviewed
CVE-2024-4011
was published
Jun 27, 2024
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service
Low
CVE-2024-27086
was published
for
Microsoft.Identity.Client
(NuGet)
Apr 16, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions...
Low
Unreviewed
CVE-2023-3509
was published
Feb 22, 2024
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0...
Low
Unreviewed
CVE-2024-20828
was published
Feb 6, 2024
changedetection.io API endpoint is not secured with API token
Low
CVE-2024-23329
was published
for
changedetection.io
(pip)
Jan 23, 2024
Nautobot missing object-level permissions enforcement when running Job Buttons
Low
CVE-2023-51649
was published
for
nautobot
(pip)
Dec 22, 2023
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
Low
Unreviewed
CVE-2023-51380
was published
Dec 21, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4...
Low
Unreviewed
CVE-2023-3511
was published
Dec 15, 2023
Backoffice User can bypass "Publish" restriction
Low
CVE-2023-48227
was published
for
Umbraco.CMS
(NuGet)
Dec 13, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3...
Low
Unreviewed
CVE-2023-4658
was published
Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3,...
Low
Unreviewed
CVE-2023-3443
was published
Dec 1, 2023
Mattermost Incorrect Authorization vulnerability
Low
CVE-2023-5193
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Sep 29, 2023
Mattermost Incorrect Authorization vulnerability
Low
CVE-2023-5159
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Sep 29, 2023
ProTip!
Advisories are also available from the
GraphQL API