GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
104 advisories
Filter by severity
OroCalendarBundle has incorrect system calendar events visibility
Moderate
CVE-2023-32062
was published
for
oro/calendar-bundle
(Composer)
Nov 27, 2023
Microweber Improper Access Control vulnerability
Moderate
CVE-2023-5976
was published
for
microweber/microweber
(Composer)
Nov 14, 2023
Moodle Improper Access Control vulnerability
Moderate
CVE-2023-5549
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
Moodle Improper Access Control vulnerability
Moderate
CVE-2023-5542
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
Any value can be changed in the configuration table by an employee having access to block reassurance module
Moderate
CVE-2023-47110
was published
for
prestashop/blockreassurance
(Composer)
Nov 9, 2023
Froxlor vulnerable to business logic errors
Low
CVE-2023-4304
was published
for
froxlor/froxlor
(Composer)
Aug 11, 2023
Easy!Appointments Improper Access Control vulnerability
Moderate
CVE-2023-3700
was published
for
alextselegidis/easyappointments
(Composer)
Jul 17, 2023
Admidio Improper Access Control vulnerability
Moderate
CVE-2023-3304
was published
for
admidio/admidio
(Composer)
Jun 23, 2023
Admidio Improper Access Control vulnerability
Low
CVE-2023-3303
was published
for
admidio/admidio
(Composer)
Jun 23, 2023
TeamPass vulnerable to Improper Access Control
Moderate
CVE-2023-3095
was published
for
nilsteampassnet/teampass
(Composer)
Jun 4, 2023
phpMyFAQ Improper Access Control vulnerability
Moderate
CVE-2023-2429
was published
for
thorsten/phpmyfaq
(Composer)
Apr 30, 2023
RosarioSIS improper access control vulnerability
Moderate
CVE-2023-2202
was published
for
francoisjacquet/rosariosis
(Composer)
Apr 21, 2023
alextselegidis/easyappointments Improper Access Control vulnerability
Moderate
CVE-2023-2104
was published
for
alextselegidis/easyappointments
(Composer)
Apr 15, 2023
thorsten/phpmyfaq vulnerable to improper access control
Moderate
CVE-2023-1883
was published
for
thorsten/phpmyfaq
(Composer)
Apr 5, 2023
RosarioSIS Improper Access Control vulnerability
High
CVE-2023-0994
was published
for
francoisjacquet/rosariosis
(Composer)
Feb 24, 2023
Moodle Improper Access Control vulnerability
High
CVE-2023-23923
was published
for
moodle/moodle
(Composer)
Feb 17, 2023
Flarum post mentions can be used to read any post on the forum without access control
High
CVE-2023-22487
was published
for
flarum/mentions
(Composer)
Jan 10, 2023
easyii CMS's File Upload Management vulnerable to unrestricted upload
Critical
CVE-2022-3771
was published
for
noumo/easyii
(Composer)
Oct 31, 2022
Magento Improper Access Control vulnerability
Moderate
CVE-2022-34259
was published
for
magento/community-edition
(Composer)
Aug 17, 2022
Magento Improper Access Control vulnerability
High
CVE-2022-34255
was published
for
magento/community-edition
(Composer)
Aug 17, 2022
JetPack Exposure of Resource to Wrong Sphere
Moderate
CVE-2021-24374
was published
for
automattic/jetpack
(Composer)
May 24, 2022
Magento Improper Access Control
Moderate
CVE-2021-21020
was published
for
magento/community-edition
(Composer)
May 24, 2022
Moodle incorrect access control
High
CVE-2020-25629
was published
for
moodle/moodle
(Composer)
May 24, 2022
moodle Improper Access Control
Moderate
CVE-2019-10189
was published
for
moodle/moodle
(Composer)
May 24, 2022
moodle Improper Access Control
Moderate
CVE-2019-10188
was published
for
moodle/moodle
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API