Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

263 advisories

Loading
Improper Authorization in aedes Moderate
CVE-2018-3778 was published for aedes (npm) Aug 15, 2018
tdunlap607
Users with ROLE_COURSE_ADMIN can create new users in Opencast Moderate
CVE-2020-5231 was published for org.opencastproject:opencast-kernel (Maven) Jan 30, 2020
2FA bypass through deleting devices in wagtail-2fa Moderate
CVE-2020-5240 was published for wagtail-2fa (pip) Mar 13, 2020
Unauthorized privilege escalation in Mod module Moderate
CVE-2020-15278 was published for red-discordbot (pip) Oct 27, 2020
Jackenmen
Publify `guest` role users can self-register even when the admin does not allow it Moderate
CVE-2021-25973 was published for publify_core (RubyGems) Nov 3, 2021
oliverchang
Access Restriction Bypass in Docker Moderate
CVE-2014-6408 was published for github.com/docker/docker (Go) Feb 15, 2022
Arbitrary File Override in Docker Engine Moderate
CVE-2015-3631 was published for github.com/docker/docker (Go) Feb 15, 2022
neersighted
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed
CVE-2022-0726 was published Feb 24, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed
CVE-2022-0756 was published Mar 8, 2022
Improper Authorization in cobbler Moderate
CVE-2022-0860 was published for cobbler (pip) Mar 11, 2022
ysf
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0. Moderate Unreviewed
CVE-2022-0821 was published Mar 12, 2022
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16. Moderate Unreviewed
CVE-2022-0406 was published Apr 4, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher Moderate
CVE-2021-36784 was published for github.com/rancher/rancher (Go) May 2, 2022
Improper authorization in Jenkins Job and Node Ownership Plugin Moderate
CVE-2018-1000107 was published for com.synopsys.jenkinsci:ownership (Maven) May 13, 2022
Improper Authorization in Jenkins Moderate
CVE-2018-1000408 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API