GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
645 advisories
Filter by severity
Moodle IDOR when accessing list of course badges
Moderate
CVE-2024-48899
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
Moodle IDOR when deleting OAuth2 linked accounts
Moderate
CVE-2024-45690
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-10855
was published
Nov 20, 2024
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet,...
High
Unreviewed
CVE-2024-11318
was published
Nov 18, 2024
The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10795
was published
Nov 16, 2024
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain...
Moderate
Unreviewed
CVE-2024-50651
was published
Nov 15, 2024
Improper Authorization in dolibarr/dolibarr
Moderate
CVE-2021-3991
was published
for
dolibarr/dolibarr
(Composer)
Nov 15, 2024
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10794
was published
Nov 13, 2024
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High
Unreviewed
CVE-2024-10174
was published
Nov 13, 2024
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10778
was published
Nov 13, 2024
SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized...
High
Unreviewed
CVE-2021-27700
was published
Nov 13, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet...
Moderate
Unreviewed
CVE-2023-47543
was published
Nov 12, 2024
The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10695
was published
Nov 12, 2024
A vulnerability classified as problematic has been found in SourceCodester Hospital Management...
Moderate
Unreviewed
CVE-2024-11073
was published
Nov 11, 2024
The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to...
Moderate
Unreviewed
CVE-2024-10688
was published
Nov 9, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10693
was published
Nov 9, 2024
The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10667
was published
Nov 9, 2024
The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-10669
was published
Nov 9, 2024
The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate
Unreviewed
CVE-2024-10770
was published
Nov 9, 2024
The User Meta – User Profile Builder and User management plugin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9262
was published
Nov 9, 2024
The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-10779
was published
Nov 9, 2024
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
Moderate
CVE-2024-43438
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges
Moderate
CVE-2024-43431
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API...
High
Unreviewed
CVE-2024-51559
was published
Nov 4, 2024
An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to...
High
Unreviewed
CVE-2024-48217
was published
Nov 1, 2024
ProTip!
Advisories are also available from the
GraphQL API