Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API Low
CVE-2024-52008 was published for ethyca-fides (pip) Nov 26, 2024
h0wl andres-torres-marroquin
daveqnet erosselli
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to... Moderate Unreviewed
CVE-2024-6831 was published Nov 26, 2024
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least... High Unreviewed
CVE-2024-23666 was published Nov 12, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,... Moderate Unreviewed
CVE-2024-20476 was published Nov 6, 2024
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged... Moderate Unreviewed
CVE-2024-43188 was published Sep 18, 2024
Insufficient server-side controls in the management console of Ivanti Workspace Control version... High Unreviewed
CVE-2024-44106 was published Sep 10, 2024
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security High Unreviewed
CVE-2024-42340 was published Aug 25, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site... Low Unreviewed
CVE-2024-6620 was published Jul 29, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39870 was published Jul 9, 2024
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6... Moderate Unreviewed
CVE-2023-48789 was published Jun 3, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows... Moderate Unreviewed
CVE-2024-32685 was published May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows... Moderate Unreviewed
CVE-2024-32521 was published May 17, 2024
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing... Moderate Unreviewed
CVE-2024-32512 was published May 17, 2024
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through... High Unreviewed
CVE-2024-31491 was published May 14, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed... Moderate Unreviewed
CVE-2023-23570 was published Dec 19, 2023
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet... Moderate Unreviewed
CVE-2023-42787 was published Oct 10, 2023
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a... Moderate Unreviewed
CVE-2023-39218 was published Aug 8, 2023
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an... Moderate Unreviewed
CVE-2023-36535 was published Aug 8, 2023
A security defect was identified in Foundry workspace-server that enabled a user to bypass an... Moderate Unreviewed
CVE-2023-30955 was published Jun 29, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated... Moderate Unreviewed
CVE-2023-20172 was published May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated... Moderate Unreviewed
CVE-2023-20171 was published May 18, 2023
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated... Moderate Unreviewed
CVE-2023-20106 was published May 18, 2023
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface.... Critical Unreviewed
CVE-2023-0750 was published Apr 6, 2023
The PrivateContent plugin for WordPress is vulnerable to protection mechanism bypass due to the... Moderate Unreviewed
CVE-2023-0581 was published Jan 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database