GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
85 advisories
phpBB 3.0.7 allows remote attackers to bypass intended access restrictions
High
CVE-2010-1627
was published
for
phpbb/phpbb
(Composer)
May 17, 2022
derhansen/sf_event_mgt vulnerable to Broken Access Control in Backend Module
Moderate
CVE-2024-24751
was published
for
derhansen/sf_event_mgt
(Composer)
Feb 13, 2024
Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions
Critical
CVE-2024-25108
was published
for
pixelfed/pixelfed
(Composer)
Feb 12, 2024
Information Disclosure in TYPO3 Page Tree
Low
CVE-2024-47780
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
Kirby has insufficient permission checks in the language settings
High
CVE-2024-41964
was published
for
getkirby/cms
(Composer)
Aug 29, 2024
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services
Low
CVE-2024-39324
was published
for
aimeos/ai-admin-graphql
(Composer)
Jul 2, 2024
aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records
Moderate
CVE-2024-39322
was published
for
aimeos/ai-admin-jsonadm
(Composer)
Jul 2, 2024
aimeos/ai-admin-graphql improper access control vulnerability allows an editor to modify admin account
High
CVE-2024-39323
was published
for
aimeos/ai-admin-graphql
(Composer)
Jul 2, 2024
ProTip!
Advisories are also available from the
GraphQL API