Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

26 advisories

Loading
Withdrawn Advisory: Insufficient Granularity of Access Control in JSDom Low
CVE-2021-20066 was published for jsdom (npm) May 24, 2022 withdrawn
jhagege
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level High
CVE-2022-1025 was published for github.com/argoproj/argo-cd (Go) Jul 13, 2022
Netmaker vulnerable to Insufficient Granularity of Access Control High
CVE-2022-36110 was published for github.com/gravitl/netmaker (Go) Sep 15, 2022
usememos/memos has Insufficient Granularity of Access Control Moderate
CVE-2022-4801 was published for github.com/usememos/memos (Go) Dec 28, 2022
usememos/memos has Insufficient Granularity of Access Control Moderate
CVE-2022-4813 was published for github.com/usememos/memos (Go) Dec 28, 2022
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability High
CVE-2023-33127 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jul 11, 2023
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Low Unreviewed
CVE-2024-26246 was published Mar 15, 2024
Kimai API returns timesheet entries a user should not be authorized to view Moderate
CVE-2024-29200 was published for kimai/kimai (Composer) Mar 29, 2024
AstroGD
Improper authorization in zenml Moderate
CVE-2024-2035 was published for zenml (pip) Jun 6, 2024
lunary-ai/lunary Access Control Vulnerability in Prompt Variation Management Moderate
CVE-2024-5389 was published for lunary (npm) Jun 10, 2024 withdrawn
aimeos/ai-admin-graphql improper access control vulnerability allows an editor to modify admin account High
CVE-2024-39323 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services Low
CVE-2024-39324 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
Lunary information disclosure vulnerability Moderate
CVE-2024-6867 was published for lunary (npm) Sep 13, 2024
ProTip! Advisories are also available from the GraphQL API