GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
93 advisories
Filter by severity
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API
Low
CVE-2024-48925
was published
for
Umbraco.CMS
(NuGet)
Oct 22, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Low
Unreviewed
CVE-2023-27303
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Low
Unreviewed
CVE-2023-26596
was published
Oct 10, 2024
Magento Open Source Improper Access Control vulnerability
Low
CVE-2024-45149
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when...
Low
Unreviewed
CVE-2024-47145
was published
Sep 26, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an...
Low
Unreviewed
CVE-2024-36261
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Low
Unreviewed
CVE-2024-28170
was published
Sep 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11...
Low
Unreviewed
CVE-2024-2880
was published
Jul 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4...
Low
Unreviewed
CVE-2024-5470
was published
Jul 11, 2024
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent...
Low
Unreviewed
CVE-2024-39361
was published
Jul 3, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote...
Low
Unreviewed
CVE-2024-36257
was published
Jul 3, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11...
Low
Unreviewed
CVE-2024-4011
was published
Jun 27, 2024
vantage6 collaboration admins can extend their influence by expanding the collaboration
Low
CVE-2024-32969
was published
for
vantage6
(pip)
May 22, 2024
An Improper Access Control could allow a malicious actor authenticated in the API to enable...
Low
Unreviewed
CVE-2024-29206
was published
May 7, 2024
Mattermost allows team admins to promote guests to team admins
Low
CVE-2024-4195
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
Mattermost fails to fully validate role changes
Low
CVE-2024-4198
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
HCL Connections contains a broken access control vulnerability that may expose sensitive...
Low
Unreviewed
CVE-2024-30107
was published
Apr 18, 2024
Keycloak vulnerable to impersonation via logout token exchange
Low
CVE-2023-0657
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
Mattermost Server Improper Access Control
Low
CVE-2024-21848
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 5, 2024
Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect
Low
CVE-2024-30261
was published
for
undici
(npm)
Apr 4, 2024
Mattermost fails to properly restrict the access of files attached to posts
Low
CVE-2024-23488
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 29, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions...
Low
Unreviewed
CVE-2023-3509
was published
Feb 22, 2024
Mattermost fails to check the required permissions
Low
CVE-2024-24776
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 9, 2024
Mattermost allows demoted guests to change group names
Low
CVE-2023-50333
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Jan 2, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4...
Low
Unreviewed
CVE-2023-3511
was published
Dec 15, 2023
ProTip!
Advisories are also available from the
GraphQL API