GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
Grafana API IDOR
Moderate
CVE-2022-21713
was published
for
github.com/grafana/grafana
(Go)
May 14, 2024
Grafana: Users outside an organization can delete a snapshot with its key
Moderate
CVE-2024-1313
was published
for
github.com/grafana/grafana
(Go)
Apr 5, 2024
Duplicate Advisory: Grafana vulnerable to authorization bypass
Moderate
GHSA-mh7p-8m2f-qrm6
was published
for
github.com/grafana/grafana
(Go)
Mar 26, 2024
•
withdrawn
Authorization Bypass Through User-Controlled Key in go-zero
Critical
CVE-2024-27302
was published
for
github.com/zeromicro/go-zero
(Go)
Mar 4, 2024
Privilege escalation in sap/cloud-security-client-go
Critical
CVE-2023-50424
was published
for
github.com/sap/cloud-security-client-go
(Go)
Dec 12, 2023
Netmaker IDOR Allows User to Update Other User's Password
High
CVE-2023-32078
was published
for
github.com/gravitl/netmaker
(Go)
Aug 25, 2023
Go package pydio/cells vulnerable to authorization bypass
Moderate
CVE-2023-2978
was published
for
github.com/pydio/cells
(Go)
May 30, 2023
Authorization Bypass Through User-Controlled Key play-with-docker
Moderate
CVE-2023-28109
was published
for
github.com/play-with-docker/play-with-docker
(Go)
Mar 17, 2023
usememos/memos vulnerable to Comparison of Object References Instead of Object Contents
Moderate
CVE-2022-4812
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4811
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Access Control vulnerability
Moderate
CVE-2022-4806
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4798
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos vulnerable to Improper Authorization
Moderate
CVE-2022-4802
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Access Control vulnerability
High
CVE-2022-4803
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authentication vulnerability
Moderate
CVE-2022-4799
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Authorization Bypass Through User-Controlled Key vulnerability
Critical
CVE-2022-4686
was published
for
github.com/usememos/memos
(Go)
Dec 23, 2022
Authorization Bypass Through User-Controlled Key in go-restful
Critical
CVE-2022-1996
was published
for
github.com/emicklei/go-restful
(Go)
Jun 9, 2022
ProTip!
Advisories are also available from the
GraphQL API