GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
77 advisories
Filter by severity
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194
was published
for
ssddanbrown/bookstack
(Composer)
Jan 8, 2022
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4026
was published
for
ssddanbrown/bookstack
(Composer)
Dec 1, 2021
kimai2 is vulnerable to Improper Access Control
Moderate
CVE-2021-3992
was published
for
kevinpapst/kimai2
(Composer)
Dec 3, 2021
snipe-it is vulnerable to Improper Access Control
Moderate
CVE-2021-4089
was published
for
snipe/snipe-it
(Composer)
Dec 16, 2021
BookStack is vulnerable to Improper Access Control.
Moderate
CVE-2021-4119
was published
for
ssddanbrown/bookstack
(Composer)
Dec 16, 2021
Improper Access Control in wp-graphql
Moderate
CVE-2019-25060
was published
for
wp-graphql/wp-graphql
(Composer)
May 10, 2022
Incorrect Access Control vulnerability in api-platform/core
Moderate
CVE-2019-1000011
was published
for
api-platform/core
(Composer)
Oct 14, 2019
Improper Access Control in Dolibarr
Moderate
CVE-2021-25954
was published
for
dolibarr/dolibarr
(Composer)
Aug 11, 2021
Missing Authorization in Crater Invoice
Moderate
CVE-2022-0203
was published
for
bytefury/crater
(Composer)
Jan 27, 2022
thorsten/phpmyfaq vulnerable to improper access control
Moderate
CVE-2023-1883
was published
for
thorsten/phpmyfaq
(Composer)
Apr 5, 2023
alextselegidis/easyappointments Improper Access Control vulnerability
Moderate
CVE-2023-2104
was published
for
alextselegidis/easyappointments
(Composer)
Apr 15, 2023
Incorrect Default Permissions and Improper Access Control in snipe-it
Moderate
CVE-2022-0179
was published
for
snipe/snipe-it
(Composer)
Jan 21, 2022
Improper Access Control in snipe-it
Moderate
CVE-2022-0178
was published
for
snipe/snipe-it
(Composer)
Jan 26, 2022
TYPO3 Improper Access Management in the File Abstraction Layer
Moderate
CVE-2013-4320
was published
for
typo3/cms-core
(Composer)
May 17, 2022
TYPO3 Improper Access Control vulnerability
Moderate
CVE-2013-7081
was published
for
typo3/cms-core
(Composer)
May 17, 2022
Drupal improper access restrictions
Moderate
CVE-2012-2153
was published
for
drupal/drupal
(Composer)
May 17, 2022
Incorrect Authorization in Drupal core
Moderate
CVE-2020-13676
was published
for
drupal/core
(Composer)
Feb 12, 2022
Craft CMS Unauthorized View
Moderate
CVE-2017-8383
was published
for
craftcms/cms
(Composer)
May 13, 2022
Moodle Unauthenticated Access
Moderate
CVE-2016-8642
was published
for
moodle/moodle
(Composer)
May 13, 2022
Easy!Appointments Improper Access Control vulnerability
Moderate
CVE-2023-3700
was published
for
alextselegidis/easyappointments
(Composer)
Jul 17, 2023
TeamPass vulnerable to Improper Access Control
Moderate
CVE-2023-3095
was published
for
nilsteampassnet/teampass
(Composer)
Jun 4, 2023
phpMyFAQ Improper Access Control vulnerability
Moderate
CVE-2023-2429
was published
for
thorsten/phpmyfaq
(Composer)
Apr 30, 2023
RosarioSIS improper access control vulnerability
Moderate
CVE-2023-2202
was published
for
francoisjacquet/rosariosis
(Composer)
Apr 21, 2023
Admidio Improper Access Control vulnerability
Moderate
CVE-2023-3304
was published
for
admidio/admidio
(Composer)
Jun 23, 2023
Microweber Improper Access Control vulnerability
Moderate
CVE-2023-5976
was published
for
microweber/microweber
(Composer)
Nov 14, 2023
ProTip!
Advisories are also available from the
GraphQL API