GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
371 advisories
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches
Critical
GHSA-vpxm-cr3r-pjp9
was published
for
org.openmrs.module:addresshierarchy
(Maven)
Jan 30, 2025
RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission
High
CVE-2024-51988
was published
for
rabbit_common
(Erlang)
Nov 6, 2024
Access control vulnerable to user data deletion by anonynmous users
Moderate
CVE-2024-51734
was published
for
AccessControl
(pip)
Nov 4, 2024
ICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than Expected
Moderate
CVE-2024-50353
was published
for
ICG.AspNetCore.Utilities.CloudStorage
(NuGet)
Oct 30, 2024
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API
Low
CVE-2024-48925
was published
for
Umbraco.CMS
(NuGet)
Oct 22, 2024
Vulnerable juju hook tool abstract UNIX domain socket
Moderate
CVE-2024-8037
was published
for
github.com/juju/juju
(Go)
Oct 3, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process
High
CVE-2022-25768
was published
for
mautic/core
(Composer)
Sep 18, 2024
Directus vulnerable to SSRF Loopback IP filter bypass
Moderate
CVE-2024-46990
was published
for
@directus/api
(npm)
Sep 18, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw`
Moderate
CVE-2024-45811
was published
for
vite
(npm)
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API