GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
30 advisories
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Moderate: CVE-2017-12161 was published for org.keycloak:keycloak-core (Maven) on Oct 18, 2018
UNEDITABLE_SCHEMAS and UNEDITABLE_TABLE_DESCRIPTION_MATCH_RULES not respected by frontend service backend
Low: GHSA-47qg-q58v-7vrp was published for amundsen-frontend (pip) on Dec 2, 2020
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable...
Critical (Unreviewed): CVE-2022-1525 was published on Sep 7, 2022
The PrivateContent plugin for WordPress is vulnerable to protection mechanism bypass due to the...
Moderate (Unreviewed): CVE-2023-0581 was published on Jan 30, 2023
Circumvention of file size limits in ActiveStorage
High: CVE-2020-8162 was published for activestorage (RubyGems) on May 26, 2020
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated...
Moderate (Unreviewed): CVE-2023-20106 was published on May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated...
Moderate (Unreviewed): CVE-2023-20172 was published on May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated...
Moderate (Unreviewed): CVE-2023-20171 was published on May 18, 2023
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed...
Moderate (Unreviewed): CVE-2023-23570 was published on Dec 19, 2023
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet...
Moderate (Unreviewed): CVE-2023-42787 was published on Oct 10, 2023
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface....
Critical (Unreviewed): CVE-2023-0750 was published on Apr 6, 2023
A security defect was identified in Foundry workspace-server that enabled a user to bypass an...
Moderate (Unreviewed): CVE-2023-30955 was published on Jun 29, 2023
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a...
Moderate (Unreviewed): CVE-2023-39218 was published on Aug 8, 2023
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through...
High (Unreviewed): CVE-2024-31491 was published on May 14, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows...
Moderate (Unreviewed): CVE-2024-32685 was published on May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing...
Moderate (Unreviewed): CVE-2024-32512 was published on May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows...
Moderate (Unreviewed): CVE-2024-32521 was published on May 17, 2024
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6...
Moderate (Unreviewed): CVE-2023-48789 was published on Jun 3, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site...
Low (Unreviewed): CVE-2024-6620 was published on Jul 29, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High (Unreviewed): CVE-2024-39870 was published on Jul 9, 2024
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security
High (Unreviewed): CVE-2024-42340 was published on Aug 25, 2024
Insufficient server-side controls in the management console of Ivanti Workspace Control version...
High (Unreviewed): CVE-2024-44106 was published on Sep 10, 2024
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged...
Moderate (Unreviewed): CVE-2024-43188 was published on Sep 18, 2024
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an...
Moderate (Unreviewed): CVE-2023-36535 was published on Aug 8, 2023
Privileges are not fully verified server-side, which can be abused by a user with limited...
High (Unreviewed): CVE-2024-28029 was published on Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API