GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
538 advisories
Filter by severity
Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows...
High
Unreviewed
CVE-2023-5808
was published
Dec 5, 2023
Improper permission checks in Jenkins Swarm Plugin
Moderate
CVE-2020-2191
was published
for
org.jenkins-ci.plugins:swarm
(Maven)
May 24, 2022
Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin
Moderate
CVE-2020-2202
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 24, 2022
Improper permission checks in Jenkins Copy Artifact Plugin
Moderate
CVE-2020-2183
was published
for
org.jenkins-ci.plugins:copyartifact
(Maven)
May 24, 2022
Memory usage graphs accessible to anyone with Overall/Read
Moderate
CVE-2020-2104
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
The vulnerability allows an authenticated remote attacker to perform actions exceeding their...
High
Unreviewed
CVE-2023-48252
was published
Jan 10, 2024
Magento Insecure Direct Object Reference (IDOR) in the product module
Moderate
CVE-2021-21022
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Unauthorized access to restricted resources
Moderate
CVE-2021-28563
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento incorrect permissions vulnerability in the Inventory module
Moderate
CVE-2020-24405
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento incorrect user permissions vulnerability within the Inventory component
Low
CVE-2020-24403
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento incorrect permissions vulnerability in the Integrations component
Moderate
CVE-2020-24402
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento improper authorization vulnerability in the integrations module
Moderate
CVE-2021-21026
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Improper Authorization vulnerability
High
CVE-2022-34256
was published
for
magento/community-edition
(Composer)
Aug 17, 2022
Magento Improper Authorization vulnerability in the customers module
Moderate
CVE-2021-28567
was published
for
magento/community-edition
(Composer)
May 24, 2022
A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this...
Moderate
Unreviewed
CVE-2022-4962
was published
Jan 13, 2024
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical
Unreviewed
CVE-2022-0993
was published
Apr 20, 2022
SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107,...
High
Unreviewed
CVE-2024-21735
was published
Jan 9, 2024
Moodle all messaging conversations could be viewed
High
CVE-2019-10154
was published
for
moodle/moodle
(Composer)
May 24, 2022
A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this...
High
Unreviewed
CVE-2022-4281
was published
Dec 5, 2022
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS...
Critical
Unreviewed
CVE-2023-20186
was published
Sep 27, 2023
Firewall configured with unanimous strategy was not actually unanimous in Symfony
High
CVE-2020-5275
was published
for
symfony/security
(Composer)
Mar 30, 2020
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint...
Moderate
Unreviewed
CVE-2024-24936
was published
Feb 6, 2024
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining...
High
Unreviewed
CVE-2016-4029
was published
May 17, 2022
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with...
Moderate
Unreviewed
CVE-2023-43609
was published
Feb 9, 2024
SnapCenter versions 4.8 prior to 5.0 are susceptible to a
vulnerability which could allow an...
Moderate
Unreviewed
CVE-2024-21987
was published
Feb 16, 2024
ProTip!
Advisories are also available from the
GraphQL API