Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

31 advisories

Loading
Mattermost Server Improper Access Control Low
CVE-2024-21848 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Ignite Realtime Openfire privilege escalation vulnerability High
CVE-2024-25420 was published for org.igniterealtime.openfire:xmppserver (Maven) Mar 26, 2024
Bitlbee does not drop extra group privileges correctly in unix.c Critical Unreviewed
CVE-2012-1187 was published Apr 23, 2022
Improper Privilege Management in Apache Ozone Critical
CVE-2021-36372 was published for org.apache.ozone:ozone-main (Maven) Nov 23, 2021
Apache Superset allows authenticated users to access metadata they have no permission to Moderate
CVE-2021-37839 was published for apache-superset (pip) Jul 7, 2022
Moodle does not revoke role capabilities correctly Moderate
CVE-2019-14879 was published for moodle/moodle (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API