GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
Improper Authorization in grumpydictator/firefly-iii
Moderate
CVE-2023-0298
was published
for
grumpydictator/firefly-iii
(Composer)
Jan 14, 2023
Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)
Critical
CVE-2022-47408
was published
for
fixpunkt/fp-newsletter
(Composer)
Dec 14, 2022
Magento Improper input validation vulnerability
High
CVE-2022-42344
was published
for
magento/community-edition
(Composer)
Oct 20, 2022
Moodle Incorrect Authorization
Moderate
CVE-2021-40692
was published
for
moodle/moodle
(Composer)
Sep 30, 2022
Magento Improper Access Control vulnerability
High
CVE-2022-34255
was published
for
magento/community-edition
(Composer)
Aug 17, 2022
Magento Improper Authorization vulnerability
High
CVE-2022-34256
was published
for
magento/community-edition
(Composer)
Aug 17, 2022
Byobu user preference to prevent private discussions being started are not respected
Low
CVE-2022-35921
was published
for
fof/byobu
(Composer)
Aug 6, 2022
Incorrect Authorization in thinkcmf
Moderate
CVE-2021-40616
was published
for
thinkcmf/thinkcmf
(Composer)
Jun 15, 2022
Fix failure to strip Authorization header on HTTP downgrade
High
CVE-2022-31043
was published
for
guzzlehttp/guzzle
(Composer)
Jun 9, 2022
Magento Improper Authorization vulnerability in the customers module
Moderate
CVE-2021-28567
was published
for
magento/community-edition
(Composer)
May 24, 2022
Drupal Core Access bypass vulnerability
Critical
CVE-2020-13665
was published
for
drupal/core
(Composer)
May 24, 2022
Missing permission check in Moodle
Moderate
CVE-2021-20283
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle Bypass email verification secret when confirming account registration
Moderate
CVE-2021-20282
was published
for
moodle/moodle
(Composer)
May 24, 2022
WooCommerce Incorrect Authorization
Moderate
CVE-2020-29156
was published
for
woocommerce/woocommerce
(Composer)
May 24, 2022
Magento 2 Community Edition Incorrect Authorization
Moderate
CVE-2020-24401
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento security mitigation bypass vulnerability
Moderate
CVE-2020-9692
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento authorization bypass vulnerability
High
CVE-2020-9587
was published
for
magento/community-edition
(Composer)
May 24, 2022
Incorrect Authorization in Dolibarr
High
CVE-2020-12669
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Drupal editor module incorrectly checks access to inline private files
High
CVE-2017-6377
was published
for
drupal/core
(Composer)
May 13, 2022
Moodle Logged in users could view all calendar events
Moderate
CVE-2019-3848
was published
for
moodle/moodle
(Composer)
May 13, 2022
Incorrect Authorization in microweber
High
CVE-2022-1631
was published
for
microweber/microweber
(Composer)
May 10, 2022
Improper Authentication in moodle
Moderate
CVE-2022-0985
was published
for
moodle/moodle
(Composer)
Apr 30, 2022
Missing authorization in Moodle
Moderate
CVE-2022-0984
was published
for
moodle/moodle
(Composer)
Apr 30, 2022
Access Control vulnerability in Dolibarr
High
CVE-2021-37517
was published
for
dolibarr/dolibarr
(Composer)
Apr 1, 2022
Incorrect Authentication in shopware
Moderate
CVE-2022-24748
was published
for
shopware/core
(Composer)
Mar 10, 2022
ProTip!
Advisories are also available from the
GraphQL API