GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
263 advisories
Filter by severity
Users with ROLE_COURSE_ADMIN can create new users in Opencast
Moderate
CVE-2020-5231
was published
for
org.opencastproject:opencast-kernel
(Maven)
Jan 30, 2020
Access Restriction Bypass in Docker
Moderate
CVE-2014-6408
was published
for
github.com/docker/docker
(Go)
Feb 15, 2022
Improper Authorization in grumpydictator/firefly-iii
Moderate
CVE-2023-0298
was published
for
grumpydictator/firefly-iii
(Composer)
Jan 14, 2023
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper...
Moderate
Unreviewed
CVE-2021-21096
was published
May 24, 2022
Improper Authorization in Jenkins
Moderate
CVE-2018-1000408
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does...
Moderate
Unreviewed
CVE-2020-1690
was published
May 24, 2022
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization...
Moderate
Unreviewed
CVE-2022-30670
was published
Jun 17, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14...
Moderate
Unreviewed
CVE-2016-9938
was published
May 17, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones...
Moderate
Unreviewed
CVE-2016-8776
was published
May 17, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate
Unreviewed
CVE-2022-3876
was published
Dec 19, 2022
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP...
Moderate
Unreviewed
CVE-2022-3187
was published
Dec 22, 2022
The permission control of AIFU cashier management salary query function can be bypassed, thus...
Moderate
Unreviewed
CVE-2021-42337
was published
May 24, 2022
A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This...
Moderate
Unreviewed
CVE-2015-10033
was published
Jan 9, 2023
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial...
Moderate
Unreviewed
CVE-2020-6311
was published
May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017...
Moderate
Unreviewed
CVE-2020-24431
was published
May 24, 2022
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and...
Moderate
Unreviewed
CVE-2019-14828
was published
May 24, 2022
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Moderate
Unreviewed
CVE-2021-36037
was published
May 24, 2022
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An...
Moderate
Unreviewed
CVE-2021-33723
was published
May 24, 2022
Jenkins Google Compute Engine Plugin Missing Authorization vulnerability
Moderate
CVE-2019-16547
was published
for
org.jenkins-ci.plugins:google-compute-engine
(Maven)
May 24, 2022
Jenkins RapidDeploy Plugin missing permission check
Moderate
CVE-2019-16571
was published
for
org.jenkins-ci.plugins:rapiddeploy-jenkins
(Maven)
May 24, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher
Moderate
CVE-2021-36784
was published
for
github.com/rancher/rancher
(Go)
May 2, 2022
The “List View” function of ShinHer StudyOnline System is not under authority control. After...
Moderate
Unreviewed
CVE-2021-42332
was published
May 24, 2022
The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a...
Moderate
Unreviewed
CVE-2021-42336
was published
May 24, 2022
The “Study Edit” function of ShinHer StudyOnline System does not perform permission control....
Moderate
Unreviewed
CVE-2021-42331
was published
May 24, 2022
Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the...
Moderate
Unreviewed
CVE-2021-41568
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API