GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
299 advisories
IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations
Critical
CVE-2025-27507
was published
for
github.com/zitadel/zitadel
(Go)
Mar 4, 2025
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-42512
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Mar 3, 2025
Distribution's token authentication allows to inject an untrusted signing key in a JWT
High
CVE-2025-24976
was published
for
github.com/distribution/distribution/v3
(Go)
Feb 11, 2025
khoj has an IDOR in subscription management allows unauthorized subscription modifications
Moderate
CVE-2024-52294
was published
for
khoj
(pip)
Dec 30, 2024
Spring Framework has Authorization Bypass for Case Sensitive Comparisons
Moderate
CVE-2024-38827
was published
for
org.springframework.security:spring-security-core
(Maven)
Dec 2, 2024
KubeSphere IDOR vulnerability
Moderate
CVE-2024-46528
was published
for
github.com/kubesphere/kubesphere
(Go)
Oct 14, 2024
IDOR vulnerability in account profile page
Moderate
CVE-2024-39319
was published
for
aimeos/ai-controller-frontend
(Composer)
Sep 26, 2024
ProTip!
Advisories are also available from the
GraphQL API