GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
537 advisories
Filter by severity
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its...
High
Unreviewed
CVE-2016-7035
was published
May 13, 2022
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions...
High
Unreviewed
CVE-2016-7071
was published
May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on...
Moderate
Unreviewed
CVE-2016-9464
was published
May 13, 2022
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's...
Moderate
Unreviewed
CVE-2016-9575
was published
May 13, 2022
A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2018-15465
was published
May 13, 2022
Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and...
High
Unreviewed
CVE-2016-1000219
was published
May 13, 2022
Improper Authorization in Apache Xalan-Java
High
CVE-2014-0107
was published
for
xalan:xalan
(Maven)
May 13, 2022
Improper Authorization in Jenkins Core
High
CVE-2019-1003003
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Improper Authorization in Jenkins Core
High
CVE-2019-1003004
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions...
Moderate
Unreviewed
CVE-2018-14662
was published
May 13, 2022
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables...
Moderate
Unreviewed
CVE-2022-0027
was published
May 12, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher
Moderate
CVE-2021-36784
was published
for
github.com/rancher/rancher
(Go)
May 2, 2022
Write access to the catalog for any user when restricted-admin role is enabled in Rancher
High
CVE-2021-4200
was published
for
github.com/rancher/rancher
(Go)
May 2, 2022
Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level...
High
Unreviewed
CVE-2021-43939
was published
Apr 29, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical
Unreviewed
CVE-2022-0993
was published
Apr 20, 2022
go.etcd.io/etcd Authentication Bypass
High
CVE-2018-16886
was published
for
go.etcd.io/etcd
(Go)
Apr 12, 2022
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker...
High
Unreviewed
CVE-2022-28776
was published
Apr 12, 2022
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.
Moderate
Unreviewed
CVE-2022-0821
was published
Mar 12, 2022
Duplicate Advisory: Improper Authorization in Gogs
High
GHSA-65f3-3278-7m65
was published
for
gogs.io/gogs
(Go)
Mar 12, 2022
•
withdrawn
Improper Authorization in cobbler
Moderate
CVE-2022-0860
was published
for
cobbler
(pip)
Mar 11, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate
Unreviewed
CVE-2022-0756
was published
Mar 8, 2022
Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
High
Unreviewed
CVE-2022-0829
was published
Mar 3, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.
Moderate
Unreviewed
CVE-2022-0726
was published
Feb 24, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C...
Critical
Unreviewed
CVE-2022-21196
was published
Feb 19, 2022
Improper Authorization in librenms
High
CVE-2022-0587
was published
for
librenms/librenms
(Composer)
Feb 16, 2022
ProTip!
Advisories are also available from the
GraphQL API