GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+
50 advisories
Filter by severity
MantisBT unauthorized disclosure of private project column configuration
Moderate
CVE-2025-62520
was published
for
mantisbt/mantisbt
(Composer)
Nov 3, 2025
Moodle has a time restriction bypass
Moderate
CVE-2025-62401
was published
for
moodle/moodle
(Composer)
Oct 23, 2025
Magento Improper Authorization vulnerability
Moderate
CVE-2025-27188
was published
for
magento/community-edition
(Composer)
Apr 8, 2025
TastyIgniter Has an Incorrect Access Control Vulnerability
Moderate
CVE-2024-44314
was published
for
tastyigniter/tastyigniter
(Composer)
Mar 18, 2025
TeamPass does not properly check whether a folder is in a user's allowed folders list
Moderate
CVE-2024-50701
was published
for
nilsteampassnet/teampass
(Composer)
Dec 30, 2024
TeamPass mail_me operation authorization issue
Moderate
CVE-2024-50702
was published
for
nilsteampassnet/teampass
(Composer)
Dec 30, 2024
Moodle allows users to retrieve information they did not have permission to access
Moderate
CVE-2024-45689
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
Moodle Lesson activity password bypass through PHP loose comparison
Moderate
CVE-2024-45691
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
moodle: IDOR when fetching report schedules
Moderate
CVE-2024-48901
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
moodle: IDOR in edit/delete RSS feed
Moderate
CVE-2024-48897
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
Improper Authorization in dolibarr/dolibarr
Moderate
CVE-2021-3991
was published
for
dolibarr/dolibarr
(Composer)
Nov 15, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-45131
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-45128
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Powermail TYPO3 extension Broken Access Control in the OutputController
Moderate
CVE-2024-45233
was published
for
in2code/powermail
(Composer)
Aug 29, 2024
Magento Improper Authorization leads to security feature bypass
Moderate
CVE-2024-39411
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization leads to Security feature bypass
Moderate
CVE-2024-39416
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Access Control Leads to Privilege escalation
Moderate
CVE-2024-39419
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization Leading to Security feature bypass
Moderate
CVE-2024-39415
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization leads to Security feature bypass
Moderate
CVE-2024-39417
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39418
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39413
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-39412
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39407
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39405
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Improper Authorization vulnerability
Moderate
CVE-2024-39404
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
ProTip!
Advisories are also available from the
GraphQL API