GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
96 advisories
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote...
Low | Unreviewed | CVE-2024-36257 was published Jul 3, 2024

An Improper Access Control could allow a malicious actor authenticated in the API to enable...
Low | Unreviewed | CVE-2024-29206 was published May 7, 2024

HCL Connections contains a broken access control vulnerability that may expose sensitive...
Low | Unreviewed | CVE-2024-30107 was published Apr 18, 2024

vantage6 collaboration admins can extend their influence by expanding the collaboration
Low | CVE-2024-32969 was published for vantage6 (pip) May 22, 2024

Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect
Low | CVE-2024-30261 was published for undici (npm) Apr 4, 2024

Mattermost fails to fully validate role changes
Low | CVE-2024-4198 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024

Mattermost allows team admins to promote guests to team admins
Low | CVE-2024-4195 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024

A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230816. It...
Low | Unreviewed | CVE-2023-4546 was published Aug 26, 2023

Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1...
Low | Unreviewed | CVE-2023-30640 was published Jul 6, 2023

Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker...
Low | Unreviewed | CVE-2023-30732 was published Oct 4, 2023

Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers...
Low | Unreviewed | CVE-2023-30715 was published Sep 6, 2023

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call...
Low | Unreviewed | CVE-2023-30682 was published Aug 10, 2023

Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers...
Low | Unreviewed | CVE-2023-30684 was published Aug 10, 2023

Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local...
Low | Unreviewed | CVE-2023-30685 was published Aug 10, 2023

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call...
Low | Unreviewed | CVE-2023-30683 was published Aug 10, 2023

Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker...
Low | Unreviewed | CVE-2023-30667 was published Jul 6, 2023

cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).
Low | Unreviewed | CVE-2017-18421 was published May 24, 2022

cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC...
Low | Unreviewed | CVE-2017-18384 was published May 24, 2022

Broken access control in Silverpeas
Low | CVE-2023-47320 was published for org.silverpeas.core:silverpeas-core-war (Maven) Dec 13, 2023

An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and...
Low | Unreviewed | CVE-2023-47536 was published Dec 13, 2023

Mattermost fails to validate team membership when a user attempts to access a playbook, allowing...
Low | Unreviewed | CVE-2023-6547 was published Dec 12, 2023

Improper access control in the Intel Smart Campus android application before version 9.4 may...
Low | Unreviewed | CVE-2023-38411 was published Nov 14, 2023

Improper access control for some Intel Unison software may allow a privileged user to potentially...
Low | Unreviewed | CVE-2022-41659 was published Nov 14, 2023

Froxlor vulnerable to business logic errors
Low | CVE-2023-4304 was published for froxlor/froxlor (Composer) Aug 11, 2023

Admidio Improper Access Control vulnerability
Low | CVE-2023-3303 was published for admidio/admidio (Composer) Jun 23, 2023