GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,277
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30 advisories
Filter by severity
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before...
High
Unreviewed
CVE-2024-9844
was published
Dec 10, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API
Low
CVE-2024-52008
was published
for
ethyca-fides
(pip)
Nov 26, 2024
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to...
Moderate
Unreviewed
CVE-2024-6831
was published
Nov 26, 2024
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData
at least...
High
Unreviewed
CVE-2024-23666
was published
Nov 12, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20476
was published
Nov 6, 2024
IBM Business Automation Workflow
22.0.2, 23.0.1, 23.0.2, and 24.0.0
could allow a privileged...
Moderate
Unreviewed
CVE-2024-43188
was published
Sep 18, 2024
Insufficient server-side controls in the management console of Ivanti Workspace Control version...
High
Unreviewed
CVE-2024-44106
was published
Sep 10, 2024
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security
High
Unreviewed
CVE-2024-42340
was published
Aug 25, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site...
Low
Unreviewed
CVE-2024-6620
was published
Jul 29, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39870
was published
Jul 9, 2024
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6...
Moderate
Unreviewed
CVE-2023-48789
was published
Jun 3, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows...
Moderate
Unreviewed
CVE-2024-32685
was published
May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows...
Moderate
Unreviewed
CVE-2024-32521
was published
May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing...
Moderate
Unreviewed
CVE-2024-32512
was published
May 17, 2024
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through...
High
Unreviewed
CVE-2024-31491
was published
May 14, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited...
High
Unreviewed
CVE-2024-28029
was published
Mar 22, 2024
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed...
Moderate
Unreviewed
CVE-2023-23570
was published
Dec 19, 2023
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet...
Moderate
Unreviewed
CVE-2023-42787
was published
Oct 10, 2023
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a...
Moderate
Unreviewed
CVE-2023-39218
was published
Aug 8, 2023
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an...
Moderate
Unreviewed
CVE-2023-36535
was published
Aug 8, 2023
A security defect was identified in Foundry workspace-server that enabled a user to bypass an...
Moderate
Unreviewed
CVE-2023-30955
was published
Jun 29, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated...
Moderate
Unreviewed
CVE-2023-20171
was published
May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated...
Moderate
Unreviewed
CVE-2023-20172
was published
May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated...
Moderate
Unreviewed
CVE-2023-20106
was published
May 18, 2023
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface....
Critical
Unreviewed
CVE-2023-0750
was published
Apr 6, 2023
ProTip!
Advisories are also available from the
GraphQL API