Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

40 advisories

Loading
Incorrect access control in typo3_forum Moderate
CVE-2020-15513 was published for mittwald/typo3_forum (Composer) Jul 29, 2020
Information Disclosure in TYPO3 extension sf_event_mgt Moderate
CVE-2020-25026 was published for derhansen/sf_event_mgt (Composer) Sep 2, 2020
derhansen
Privilage Escalation in moodle Moderate
CVE-2020-25701 was published for moodle/moodle (Composer) Mar 29, 2021
Moodle allowed some users without permission to view other users' full names Moderate
CVE-2021-20281 was published for moodle/moodle (Composer) Mar 29, 2021
Incorrect Authorization in TYPO3 extension Moderate
CVE-2020-25025 was published for localizationteam/l10nmgr (Composer) Jul 26, 2021
Improper Access Control in Dolibarr Moderate
CVE-2021-25954 was published for dolibarr/dolibarr (Composer) Aug 11, 2021
Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32716 was published for shopware/platform (Composer) Sep 8, 2021
SilverStripe GraphQL Server permission checker not inherited by query subclass. Moderate
CVE-2021-28661 was published for silverstripe/graphql (Composer) Oct 12, 2021
EC-CUBE Improper access control in Management screen Moderate
CVE-2021-20841 was published for ec-cube/ec-cube (Composer) Nov 25, 2021
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4026 was published for ssddanbrown/bookstack (Composer) Dec 1, 2021
kimai2 is vulnerable to Improper Access Control Moderate
CVE-2021-3992 was published for kevinpapst/kimai2 (Composer) Dec 3, 2021
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
Insufficient user authorization in Moodle Moderate
CVE-2022-0334 was published for moodle/moodle (Composer) Jan 28, 2022
Incorrect Authorization in Drupal core Moderate
CVE-2020-13676 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
Incorrect authorization in Drupal core Moderate
CVE-2022-25270 was published for drupal/core (Composer) Feb 18, 2022
Improper Authorization in dolibarr/dolibarr Moderate
CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022
Exposure of Resource to Wrong Sphere in microweber Moderate
CVE-2022-0762 was published for microweber/microweber (Composer) Feb 27, 2022
Incorrect Authentication in shopware Moderate
CVE-2022-24748 was published for shopware/core (Composer) Mar 10, 2022
Missing authorization in Moodle Moderate
CVE-2022-0984 was published for moodle/moodle (Composer) Apr 30, 2022
Improper Authentication in moodle Moderate
CVE-2022-0985 was published for moodle/moodle (Composer) Apr 30, 2022
Moodle Logged in users could view all calendar events Moderate
CVE-2019-3848 was published for moodle/moodle (Composer) May 13, 2022
Magento security mitigation bypass vulnerability Moderate
CVE-2020-9692 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Incorrect Authorization Moderate
CVE-2020-24401 was published for magento/community-edition (Composer) May 24, 2022
WooCommerce Incorrect Authorization Moderate
CVE-2020-29156 was published for woocommerce/woocommerce (Composer) May 24, 2022
Missing permission check in Moodle Moderate
CVE-2021-20283 was published for moodle/moodle (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API