GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
67 advisories
Moderate severity vulnerability that affects Products.PlonePAS
Moderate | CVE-2009-0662 was published for Products.PlonePAS (pip) | Jul 23, 2018
Improper Authentication in pyftpdlib
High | CVE-2008-7263 was published for pyftpdlib (pip) | May 17, 2022
Improper Authentication in pyftpdlib
High | CVE-2007-6737 was published for pyftpdlib (pip) | May 1, 2022
Improper Access Control in Onionshare
Moderate | CVE-2022-21692 was published for onionshare-cli (pip) | Jan 21, 2022
Improper Access Control in Onionshare
Moderate | CVE-2022-21695 was published for onionshare-cli (pip) | Jan 21, 2022
OpenStack Neutron Improper Authentication vulnerability
Moderate | CVE-2014-0056 was published for neutron (pip) | May 17, 2022
OpenStack Keystone Improper Authentication vulnerability
Moderate | CVE-2013-1865 was published for keystone (pip) | May 17, 2022
OpenStack Keystone Improper Authentication vulnerability
High | CVE-2012-4456 was published for keystone (pip) | May 14, 2022
pysaml2 Improper Authentication vulnerability
High | CVE-2017-1000433 was published for pysaml2 (pip) | Jul 13, 2018
Lin CMS vulnerable to Improper Authentication
Moderate | CVE-2022-44244 was published for Lin-CMS (Maven) | Nov 10, 2022
rdiffweb vulnerable to Authentication Bypass by Primary Weakness
High | CVE-2022-4722 was published for rdiffweb (pip) | Dec 27, 2022
Shinken Solutions Shinken Monitoring vulnerable to Incorrect Access Control
Critical | CVE-2022-37298 was published for Shinken (pip) | Oct 20, 2022
Improper Authentication in requests-kerberos
Critical | CVE-2014-8650 was published for requests-kerberos (pip) | Mar 10, 2020
Python-saml allows manipulation of SAML data without invalidation of cryptographic signature
High | CVE-2017-11427 was published for python-saml (pip) | Jul 5, 2019
Improper Authentication in SaltStack Salt
Moderate | CVE-2021-22004 was published for salt (pip) | May 24, 2022
Paramiko not properly checking authentication before processing other requests
Critical | CVE-2018-7750 was published for paramiko (pip) | Jul 12, 2018
When matrix-nio receives forwarded room keys, the receiver doesn't check if it requested the key from the forwarder
High | CVE-2022-39254 was published for matrix-nio (pip) | Sep 30, 2022
Zope DTML implementation Improper Authentication
High | CVE-2000-0062 was published for zope (pip) | Apr 30, 2022
Zope does not properly perform security registration for legacy names
High | CVE-2000-1211 was published for zope (pip) | Apr 30, 2022
Zope DocumentTemplate package allows unauthenticated write
Moderate | CVE-2000-0483 was published for zope (pip) | May 3, 2022
asyncua Improper Authentication vulnerability
High | CVE-2023-26150 was published for asyncua (pip) | Oct 3, 2023
Sentry vulnerable to incorrect credential validation on OAuth token requests
Moderate | CVE-2023-39531 was published for sentry (pip) | Aug 9, 2023
Trytond allows modification of privileges of arbitrary users
Moderate | CVE-2012-0215 was published for trytond (pip) | May 4, 2022
OpenStack Keystone Token authorization for a user in a disabled tenant is allowed
Moderate | CVE-2012-4457 was published for Keystone (pip) | May 14, 2022
ProTip! Advisories are also available from the GraphQL API