GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
263 advisories
Filter by severity
Users with ROLE_COURSE_ADMIN can create new users in Opencast
Moderate
CVE-2020-5231
was published
for
org.opencastproject:opencast-kernel
(Maven)
Jan 30, 2020
2FA bypass through deleting devices in wagtail-2fa
Moderate
CVE-2020-5240
was published
for
wagtail-2fa
(pip)
Mar 13, 2020
Unauthorized privilege escalation in Mod module
Moderate
CVE-2020-15278
was published
for
red-discordbot
(pip)
Oct 27, 2020
Publify `guest` role users can self-register even when the admin does not allow it
Moderate
CVE-2021-25973
was published
for
publify_core
(RubyGems)
Nov 3, 2021
Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers...
Moderate
Unreviewed
CVE-2022-24002
was published
Feb 12, 2022
Access Restriction Bypass in Docker
Moderate
CVE-2014-6408
was published
for
github.com/docker/docker
(Go)
Feb 15, 2022
Arbitrary File Override in Docker Engine
Moderate
CVE-2015-3631
was published
for
github.com/docker/docker
(Go)
Feb 15, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.
Moderate
Unreviewed
CVE-2022-0726
was published
Feb 24, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate
Unreviewed
CVE-2022-0756
was published
Mar 8, 2022
Improper Authorization in cobbler
Moderate
CVE-2022-0860
was published
for
cobbler
(pip)
Mar 11, 2022
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.
Moderate
Unreviewed
CVE-2022-0821
was published
Mar 12, 2022
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
Moderate
Unreviewed
CVE-2022-0406
was published
Apr 4, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher
Moderate
CVE-2021-36784
was published
for
github.com/rancher/rancher
(Go)
May 2, 2022
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables...
Moderate
Unreviewed
CVE-2022-0027
was published
May 12, 2022
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions...
Moderate
Unreviewed
CVE-2018-14662
was published
May 13, 2022
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's...
Moderate
Unreviewed
CVE-2016-9575
was published
May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on...
Moderate
Unreviewed
CVE-2016-9464
was published
May 13, 2022
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive...
Moderate
Unreviewed
CVE-2016-0373
was published
May 13, 2022
Improper authorization in Jenkins Job and Node Ownership Plugin
Moderate
CVE-2018-1000107
was published
for
com.synopsys.jenkinsci:ownership
(Maven)
May 13, 2022
Improper Authorization in Jenkins
Moderate
CVE-2018-1000408
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3...
Moderate
Unreviewed
CVE-2016-7651
was published
May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass...
Moderate
Unreviewed
CVE-2014-6049
was published
May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2...
Moderate
Unreviewed
CVE-2015-7463
was published
May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows...
Moderate
Unreviewed
CVE-2016-5063
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API