Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,884
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,205
NuGet
743
pip
3,978
Pub
12
RubyGems
947
Rust
1,034
Swift
39
Unreviewed advisories
All unreviewed
5,000+

545 advisories

Loading
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR)... Moderate Unreviewed
CVE-2018-16971 was published May 13, 2022
Password exposure in concrete5/core Moderate
CVE-2021-22951 was published for concrete5/core (Composer) Nov 23, 2021
** DISPUTED ** BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that... Moderate Unreviewed
CVE-2018-20405 was published May 13, 2022
Insecure direct object reference of log files of the Import/Export feature Moderate
CVE-2021-37709 was published for shopware/core (Composer) Aug 30, 2021
Exposure of sensitive information in concrete5/core Moderate
CVE-2021-22967 was published for concrete5/core (Composer) Nov 23, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference... Moderate Unreviewed
CVE-2021-36329 was published Dec 1, 2021
elgg is vulnerable to Authorization Bypass Through User-Controlled Key Moderate
CVE-2021-3964 was published for elgg/elgg (Composer) Dec 3, 2021
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows... Moderate Unreviewed
CVE-2019-14725 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... Moderate Unreviewed
CVE-2019-9170 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... Moderate Unreviewed
CVE-2019-9219 was published May 13, 2022
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6... Moderate Unreviewed
CVE-2022-3331 was published Oct 17, 2022
Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User... Moderate Unreviewed
CVE-2017-0936 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to... Moderate Unreviewed
CVE-2017-15197 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link... Moderate Unreviewed
CVE-2017-15211 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a... Moderate Unreviewed
CVE-2017-15196 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a... Moderate Unreviewed
CVE-2017-15200 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a... Moderate Unreviewed
CVE-2017-15195 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove attachments... Moderate Unreviewed
CVE-2017-15209 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a... Moderate Unreviewed
CVE-2017-15199 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories... Moderate Unreviewed
CVE-2017-15203 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link... Moderate Unreviewed
CVE-2017-15206 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a... Moderate Unreviewed
CVE-2017-15202 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic... Moderate Unreviewed
CVE-2017-15208 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions... Moderate Unreviewed
CVE-2017-15204 was published May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a... Moderate Unreviewed
CVE-2017-15207 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database