Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Moderate Unreviewed
CVE-2025-43699 was published Jun 10, 2025
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If... Moderate Unreviewed
CVE-2025-47697 was published May 30, 2025
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed... Moderate Unreviewed
CVE-2022-3047 was published Sep 27, 2022
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4527 was published May 11, 2025
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed
CVE-2025-28168 was published May 5, 2025
Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62... Moderate Unreviewed
CVE-2022-3310 was published Nov 2, 2022
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows... Moderate Unreviewed
CVE-2025-1838 was published May 3, 2025
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX... Moderate Unreviewed
CVE-2017-14013 was published May 13, 2022
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When... Moderate Unreviewed
CVE-2025-32359 was published Apr 5, 2025
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a... Moderate Unreviewed
CVE-2023-0704 was published Feb 7, 2023
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet... Moderate Unreviewed
CVE-2024-52960 was published Mar 11, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM... Moderate Unreviewed
CVE-2024-49824 was published Jan 18, 2025
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length Moderate
CVE-2025-23041 was published for Umbraco.Forms (NuGet) Jan 14, 2025
RGV2ZWxvcGVy
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to... Moderate Unreviewed
CVE-2024-6831 was published Nov 26, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,... Moderate Unreviewed
CVE-2024-20476 was published Nov 6, 2024
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an... Moderate Unreviewed
CVE-2023-36535 was published Aug 8, 2023
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged... Moderate Unreviewed
CVE-2024-43188 was published Sep 18, 2024
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6... Moderate Unreviewed
CVE-2023-48789 was published Jun 3, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows... Moderate Unreviewed
CVE-2024-32685 was published May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing... Moderate Unreviewed
CVE-2024-32512 was published May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows... Moderate Unreviewed
CVE-2024-32521 was published May 17, 2024
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a... Moderate Unreviewed
CVE-2023-39218 was published Aug 8, 2023
A security defect was identified in Foundry workspace-server that enabled a user to bypass an... Moderate Unreviewed
CVE-2023-30955 was published Jun 29, 2023
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet... Moderate Unreviewed
CVE-2023-42787 was published Oct 10, 2023
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed... Moderate Unreviewed
CVE-2023-23570 was published Dec 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database