Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,003 advisories

Loading
A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed
CVE-2020-3312 was published May 24, 2022
A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2021-1477 was published May 24, 2022
OpenStack Identity Keystone Improper Access Control Moderate
CVE-2016-4911 was published for keystone (pip) May 17, 2022
OpenStack Compute (Nova) Improper Access Control Moderate
CVE-2015-2687 was published for nova (pip) May 17, 2022
A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management... Moderate Unreviewed
CVE-2024-11674 was published Nov 26, 2024
A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-11661 was published Nov 25, 2024
A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to... Moderate Unreviewed
CVE-2024-11483 was published Nov 25, 2024
A security flaw in Node.js allows a bypass of network import restrictions. By embedding non... Moderate Unreviewed
CVE-2024-22020 was published Jul 9, 2024
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions... Moderate Unreviewed
CVE-2024-5331 was published Aug 1, 2024
Apache Airflow Improper Access Control vulnerability Moderate
CVE-2023-50783 was published for apache-airflow (pip) Dec 21, 2023
Moodle IDOR when accessing list of course badges Moderate
CVE-2024-48899 was published for moodle/moodle (Composer) Nov 20, 2024
A vulnerability classified as critical has been found in EyouCMS 1.5.6. Affected is an unknown... Moderate Unreviewed
CVE-2024-11211 was published Nov 14, 2024
Improper Access Control in janeczku/calibre-web Moderate
CVE-2021-3987 was published for calibreweb (pip) Nov 15, 2024
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and... Moderate Unreviewed
CVE-2024-11214 was published Nov 14, 2024
Improper Access Control in vantage6 Moderate
CVE-2023-41882 was published for vantage6 (pip) Oct 13, 2023
A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified... Moderate Unreviewed
CVE-2024-10994 was published Nov 8, 2024
A vulnerability, which was classified as critical, was found in Codezips Online Institute... Moderate Unreviewed
CVE-2024-10993 was published Nov 8, 2024
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an... Moderate Unreviewed
CVE-2021-1410 was published Nov 18, 2024
Mattermost Desktop App fails to safeguard screen capture functionality Moderate
CVE-2024-39772 was published for mattermost-desktop (npm) Sep 16, 2024
Mattermost allows team admin user without "Add Team Members" permission to disable invite URL Moderate
CVE-2024-40884 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
Mattermost allows remote actor to set arbitrary RemoteId values for synced users Moderate
CVE-2024-41926 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
Mattermost failed to properly validate synced reactions Moderate
CVE-2024-29977 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
Mattermost did not properly restrict channel creation Moderate
CVE-2024-39837 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
Mattermost failed to disallow the modification of local users when syncing users in shared channels Moderate
CVE-2024-36492 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for... Moderate Unreviewed
CVE-2021-34753 was published Nov 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database