GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
623 advisories
Filter by severity
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link...
Moderate
Unreviewed
CVE-2017-15206
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories...
Moderate
Unreviewed
CVE-2017-15203
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a...
Moderate
Unreviewed
CVE-2017-15195
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a...
Moderate
Unreviewed
CVE-2017-15207
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions...
Moderate
Unreviewed
CVE-2017-15204
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic...
Moderate
Unreviewed
CVE-2017-15208
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a...
Moderate
Unreviewed
CVE-2017-15202
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to...
Moderate
Unreviewed
CVE-2017-15197
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a...
Moderate
Unreviewed
CVE-2017-15201
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a...
Moderate
Unreviewed
CVE-2017-15200
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a...
Moderate
Unreviewed
CVE-2017-15196
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a...
Moderate
Unreviewed
CVE-2017-15199
was published
May 13, 2022
Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User...
Moderate
Unreviewed
CVE-2017-0936
was published
May 13, 2022
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to...
Moderate
Unreviewed
CVE-2019-9921
was published
May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and...
Critical
Unreviewed
CVE-2019-9756
was published
May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before...
Moderate
Unreviewed
CVE-2019-9219
was published
May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before...
Moderate
Unreviewed
CVE-2019-9170
was published
May 13, 2022
An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket Core in LogonBox Nervepoint...
Critical
Unreviewed
CVE-2019-6716
was published
May 13, 2022
** DISPUTED ** BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that...
Moderate
Unreviewed
CVE-2018-20405
was published
May 13, 2022
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR)...
Moderate
Unreviewed
CVE-2018-16971
was published
May 13, 2022
Gleez CMS Vulnerability Allows Forced Browsing to Profile Page of Other Users
Moderate
CVE-2018-16704
was published
for
gleez/cms
(Composer)
May 13, 2022
In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and...
Moderate
Unreviewed
CVE-2018-16606
was published
May 13, 2022
In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR)...
Moderate
Unreviewed
CVE-2018-15833
was published
May 13, 2022
The SHAREit application before 4.0.42 for Android allows a remote attacker (on the same network...
Moderate
Unreviewed
CVE-2019-9938
was published
May 13, 2022
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass...
High
Unreviewed
CVE-2022-29008
was published
May 12, 2022
ProTip!
Advisories are also available from the
GraphQL API