Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

70 advisories

Loading
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4026 was published for ssddanbrown/bookstack (Composer) Dec 1, 2021
kimai2 is vulnerable to Improper Access Control Moderate
CVE-2021-3992 was published for kevinpapst/kimai2 (Composer) Dec 3, 2021
snipe-it is vulnerable to Improper Access Control Moderate
CVE-2021-4089 was published for snipe/snipe-it (Composer) Dec 16, 2021
BookStack is vulnerable to Improper Access Control. Moderate
CVE-2021-4119 was published for ssddanbrown/bookstack (Composer) Dec 16, 2021
Improper Access Control in wp-graphql Moderate
CVE-2019-25060 was published for wp-graphql/wp-graphql (Composer) May 10, 2022
Incorrect Access Control vulnerability in api-platform/core Moderate
CVE-2019-1000011 was published for api-platform/core (Composer) Oct 14, 2019
Improper Access Control in Dolibarr Moderate
CVE-2021-25954 was published for dolibarr/dolibarr (Composer) Aug 11, 2021
Missing Authorization in Crater Invoice Moderate
CVE-2022-0203 was published for bytefury/crater (Composer) Jan 27, 2022
thorsten/phpmyfaq vulnerable to improper access control Moderate
CVE-2023-1883 was published for thorsten/phpmyfaq (Composer) Apr 5, 2023
alextselegidis/easyappointments Improper Access Control vulnerability Moderate
CVE-2023-2104 was published for alextselegidis/easyappointments (Composer) Apr 15, 2023
Incorrect Default Permissions and Improper Access Control in snipe-it Moderate
CVE-2022-0179 was published for snipe/snipe-it (Composer) Jan 21, 2022
Improper Access Control in snipe-it Moderate
CVE-2022-0178 was published for snipe/snipe-it (Composer) Jan 26, 2022
TYPO3 Improper Access Management in the File Abstraction Layer Moderate
CVE-2013-4320 was published for typo3/cms-core (Composer) May 17, 2022
TYPO3 Improper Access Control vulnerability Moderate
CVE-2013-7081 was published for typo3/cms-core (Composer) May 17, 2022
Drupal improper access restrictions Moderate
CVE-2012-2153 was published for drupal/drupal (Composer) May 17, 2022
Incorrect Authorization in Drupal core Moderate
CVE-2020-13676 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
Craft CMS Unauthorized View Moderate
CVE-2017-8383 was published for craftcms/cms (Composer) May 13, 2022
Moodle Unauthenticated Access Moderate
CVE-2016-8642 was published for moodle/moodle (Composer) May 13, 2022
Easy!Appointments Improper Access Control vulnerability Moderate
CVE-2023-3700 was published for alextselegidis/easyappointments (Composer) Jul 17, 2023
TeamPass vulnerable to Improper Access Control Moderate
CVE-2023-3095 was published for nilsteampassnet/teampass (Composer) Jun 4, 2023
phpMyFAQ Improper Access Control vulnerability Moderate
CVE-2023-2429 was published for thorsten/phpmyfaq (Composer) Apr 30, 2023
RosarioSIS improper access control vulnerability Moderate
CVE-2023-2202 was published for francoisjacquet/rosariosis (Composer) Apr 21, 2023
Admidio Improper Access Control vulnerability Moderate
CVE-2023-3304 was published for admidio/admidio (Composer) Jun 23, 2023
Microweber Improper Access Control vulnerability Moderate
CVE-2023-5976 was published for microweber/microweber (Composer) Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API