Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2017-12161 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
UNEDITABLE_SCHEMAS and UNEDITABLE_TABLE_DESCRIPTION_MATCH_RULES not respected by frontend service backend Low
GHSA-47qg-q58v-7vrp was published for amundsen-frontend (pip) Dec 2, 2020
dorianj
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable... Critical Unreviewed
CVE-2022-1525 was published Sep 7, 2022
The PrivateContent plugin for WordPress is vulnerable to protection mechanism bypass due to the... Moderate Unreviewed
CVE-2023-0581 was published Jan 30, 2023
Circumvention of file size limits in ActiveStorage High
CVE-2020-8162 was published for activestorage (RubyGems) May 26, 2020
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated... Moderate Unreviewed
CVE-2023-20106 was published May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated... Moderate Unreviewed
CVE-2023-20172 was published May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated... Moderate Unreviewed
CVE-2023-20171 was published May 18, 2023
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed... Moderate Unreviewed
CVE-2023-23570 was published Dec 19, 2023
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet... Moderate Unreviewed
CVE-2023-42787 was published Oct 10, 2023
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface.... Critical Unreviewed
CVE-2023-0750 was published Apr 6, 2023
A security defect was identified in Foundry workspace-server that enabled a user to bypass an... Moderate Unreviewed
CVE-2023-30955 was published Jun 29, 2023
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a... Moderate Unreviewed
CVE-2023-39218 was published Aug 8, 2023
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through... High Unreviewed
CVE-2024-31491 was published May 14, 2024
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing... Moderate Unreviewed
CVE-2024-32512 was published May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows... Moderate Unreviewed
CVE-2024-32521 was published May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows... Moderate Unreviewed
CVE-2024-32685 was published May 17, 2024
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6... Moderate Unreviewed
CVE-2023-48789 was published Jun 3, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site... Low Unreviewed
CVE-2024-6620 was published Jul 29, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39870 was published Jul 9, 2024
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security High Unreviewed
CVE-2024-42340 was published Aug 25, 2024
Insufficient server-side controls in the management console of Ivanti Workspace Control version... High Unreviewed
CVE-2024-44106 was published Sep 10, 2024
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged... Moderate Unreviewed
CVE-2024-43188 was published Sep 18, 2024
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an... Moderate Unreviewed
CVE-2023-36535 was published Aug 8, 2023
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database