Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

251 advisories

Loading
Users with ROLE_COURSE_ADMIN can create new users in Opencast Moderate
CVE-2020-5231 was published for org.opencastproject:opencast-kernel (Maven) Jan 30, 2020
Access Restriction Bypass in Docker Moderate
CVE-2014-6408 was published for github.com/docker/docker (Go) Feb 15, 2022
Improper Authorization in grumpydictator/firefly-iii Moderate
CVE-2023-0298 was published for grumpydictator/firefly-iii (Composer) Jan 14, 2023
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper... Moderate Unreviewed
CVE-2021-21096 was published May 24, 2022
Improper Authorization in Jenkins Moderate
CVE-2018-1000408 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does... Moderate Unreviewed
CVE-2020-1690 was published May 24, 2022
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization... Moderate Unreviewed
CVE-2022-30670 was published Jun 17, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed
CVE-2016-9938 was published May 17, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones... Moderate Unreviewed
CVE-2016-8776 was published May 17, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios... Moderate Unreviewed
CVE-2022-3876 was published Dec 19, 2022
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP... Moderate Unreviewed
CVE-2022-3187 was published Dec 22, 2022
The permission control of AIFU cashier management salary query function can be bypassed, thus... Moderate Unreviewed
CVE-2021-42337 was published May 24, 2022
A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This... Moderate Unreviewed
CVE-2015-10033 was published Jan 9, 2023
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial... Moderate Unreviewed
CVE-2020-6311 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... Moderate Unreviewed
CVE-2020-24431 was published May 24, 2022
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and... Moderate Unreviewed
CVE-2019-14828 was published May 24, 2022
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are... Moderate Unreviewed
CVE-2021-36037 was published May 24, 2022
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An... Moderate Unreviewed
CVE-2021-33723 was published May 24, 2022
Jenkins Google Compute Engine Plugin Missing Authorization vulnerability Moderate
CVE-2019-16547 was published for org.jenkins-ci.plugins:google-compute-engine (Maven) May 24, 2022
Jenkins RapidDeploy Plugin missing permission check Moderate
CVE-2019-16571 was published for org.jenkins-ci.plugins:rapiddeploy-jenkins (Maven) May 24, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher Moderate
CVE-2021-36784 was published for github.com/rancher/rancher (Go) May 2, 2022
The “List View” function of ShinHer StudyOnline System is not under authority control. After... Moderate Unreviewed
CVE-2021-42332 was published May 24, 2022
The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a... Moderate Unreviewed
CVE-2021-42336 was published May 24, 2022
The “Study Edit” function of ShinHer StudyOnline System does not perform permission control.... Moderate Unreviewed
CVE-2021-42331 was published May 24, 2022
Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the... Moderate Unreviewed
CVE-2021-41568 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database