GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
48 advisories
Filter by severity
Incorrect access control in typo3_forum
Moderate
CVE-2020-15513
was published
for
mittwald/typo3_forum
(Composer)
Jul 29, 2020
Information Disclosure in TYPO3 extension sf_event_mgt
Moderate
CVE-2020-25026
was published
for
derhansen/sf_event_mgt
(Composer)
Sep 2, 2020
Privilage Escalation in moodle
Moderate
CVE-2020-25701
was published
for
moodle/moodle
(Composer)
Mar 29, 2021
Moodle allowed some users without permission to view other users' full names
Moderate
CVE-2021-20281
was published
for
moodle/moodle
(Composer)
Mar 29, 2021
Incorrect Authorization in TYPO3 extension
Moderate
CVE-2020-25025
was published
for
localizationteam/l10nmgr
(Composer)
Jul 26, 2021
Improper Access Control in Dolibarr
Moderate
CVE-2021-25954
was published
for
dolibarr/dolibarr
(Composer)
Aug 11, 2021
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32716
was published
for
shopware/platform
(Composer)
Sep 8, 2021
SilverStripe GraphQL Server permission checker not inherited by query subclass.
Moderate
CVE-2021-28661
was published
for
silverstripe/graphql
(Composer)
Oct 12, 2021
EC-CUBE Improper access control in Management screen
Moderate
CVE-2021-20841
was published
for
ec-cube/ec-cube
(Composer)
Nov 25, 2021
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4026
was published
for
ssddanbrown/bookstack
(Composer)
Dec 1, 2021
kimai2 is vulnerable to Improper Access Control
Moderate
CVE-2021-3992
was published
for
kevinpapst/kimai2
(Composer)
Dec 3, 2021
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194
was published
for
ssddanbrown/bookstack
(Composer)
Jan 8, 2022
Insufficient user authorization in Moodle
Moderate
CVE-2022-0334
was published
for
moodle/moodle
(Composer)
Jan 28, 2022
Incorrect Authorization in Drupal core
Moderate
CVE-2020-13676
was published
for
drupal/core
(Composer)
Feb 12, 2022
Incorrect authorization in Drupal core
Moderate
CVE-2022-25270
was published
for
drupal/core
(Composer)
Feb 18, 2022
Improper Authorization in dolibarr/dolibarr
Moderate
CVE-2022-0731
was published
for
dolibarr/dolibarr
(Composer)
Feb 24, 2022
Exposure of Resource to Wrong Sphere in microweber
Moderate
CVE-2022-0762
was published
for
microweber/microweber
(Composer)
Feb 27, 2022
Incorrect Authentication in shopware
Moderate
CVE-2022-24748
was published
for
shopware/core
(Composer)
Mar 10, 2022
Missing authorization in Moodle
Moderate
CVE-2022-0984
was published
for
moodle/moodle
(Composer)
Apr 30, 2022
Improper Authentication in moodle
Moderate
CVE-2022-0985
was published
for
moodle/moodle
(Composer)
Apr 30, 2022
Moodle Logged in users could view all calendar events
Moderate
CVE-2019-3848
was published
for
moodle/moodle
(Composer)
May 13, 2022
Magento security mitigation bypass vulnerability
Moderate
CVE-2020-9692
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition Incorrect Authorization
Moderate
CVE-2020-24401
was published
for
magento/community-edition
(Composer)
May 24, 2022
WooCommerce Incorrect Authorization
Moderate
CVE-2020-29156
was published
for
woocommerce/woocommerce
(Composer)
May 24, 2022
Moodle Bypass email verification secret when confirming account registration
Moderate
CVE-2021-20282
was published
for
moodle/moodle
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API