GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+
78 advisories
Filter by severity
moodle: IDOR when fetching report schedules
Moderate
CVE-2024-48901
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
moodle: IDOR in edit/delete RSS feed
Moderate
CVE-2024-48897
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
Improper Authorization in dolibarr/dolibarr
Moderate
CVE-2021-3991
was published
for
dolibarr/dolibarr
(Composer)
Nov 15, 2024
Magento Open Source Improper Authorization vulnerability
High
CVE-2024-45132
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-45131
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-45128
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Powermail TYPO3 extension Broken Access Control in the OutputController
Moderate
CVE-2024-45233
was published
for
in2code/powermail
(Composer)
Aug 29, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-39412
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Access Control Leads to Privilege escalation
Moderate
CVE-2024-39419
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization leads to Security feature bypass
Moderate
CVE-2024-39416
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization Leading to Security feature bypass
Moderate
CVE-2024-39415
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization leads to security feature bypass
Moderate
CVE-2024-39411
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization leads to Security feature bypass
Moderate
CVE-2024-39417
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39407
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39418
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39413
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39405
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39404
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Open Source Improper Authorization vulnerability
High
CVE-2024-34104
was published
for
magento/community-edition
(Composer)
Jun 13, 2024
TYPO3 Broken Access Control in Localization Handling
Moderate
GHSA-772m-43f3-hmf8
was published
for
typo3/cms
(Composer)
Jun 7, 2024
Information Disclosure in TYPO3 Backend
Moderate
GHSA-vpr3-rc99-2wpr
was published
for
typo3/cms
(Composer)
Jun 5, 2024
FOSUserBundle User Identity Validation Vulnerability
Moderate
GHSA-8wx3-8m4x-g5h4
was published
for
friendsofsymfony/user-bundle
(Composer)
May 15, 2024
eZ Publish Legacy Passwordless login for LDAP users
High
GHSA-p9mp-vq4v-v5m5
was published
for
ezsystems/ezpublish-legacy
(Composer)
May 15, 2024
Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions
Critical
CVE-2024-25108
was published
for
pixelfed/pixelfed
(Composer)
Feb 12, 2024
PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
Moderate
CVE-2023-47109
was published
for
prestashop/blockreassurance
(Composer)
Nov 8, 2023
ProTip!
Advisories are also available from the
GraphQL API