GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,892
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,041
Maven 5,224
npm 3,733
NuGet 662
pip 3,414
Pub 12
RubyGems 891
Rust 866
Swift 36

Unreviewed advisories

All unreviewed 238,121

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

545 advisories

Filter by severity

Sort by

Least recently updated

The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all... Moderate Unreviewed

CVE-2022-3459 was published Sep 16, 2024

An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object... Moderate Unreviewed

CVE-2024-25270 was published Sep 12, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub... High Unreviewed

CVE-2024-3306 was published Sep 12, 2024

An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the... Critical Unreviewed

CVE-2024-27113 was published Sep 11, 2024

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its... High Unreviewed

CVE-2024-45786 was published Sep 11, 2024

An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer... Moderate Unreviewed

CVE-2023-44254 was published Sep 10, 2024

A vulnerability has been identified in Industrial Edge Management Pro (All versions < V1.9.5),... Critical Unreviewed

CVE-2024-45032 was published Sep 10, 2024

This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to... High Unreviewed

CVE-2024-8601 was published Sep 9, 2024

The ForumWP – Forum & Discussion Board Plugin plugin for WordPress is vulnerable to Privilege... High Unreviewed

CVE-2024-8428 was published Sep 6, 2024

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-8292 was published Sep 6, 2024

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure... Moderate Unreviewed

CVE-2024-8123 was published Sep 4, 2024

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view... Moderate Unreviewed

CVE-2024-40395 was published Aug 27, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project... Moderate Unreviewed

CVE-2024-43916 was published Aug 26, 2024

A bug in the 9p authentication implementation within lib9p allows an attacker with an existing... High Unreviewed

CVE-2024-8158 was published Aug 26, 2024

The User Private Files – WordPress File Sharing Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-7848 was published Aug 22, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Checkout Plugins Stripe... High Unreviewed

CVE-2024-43315 was published Aug 19, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This... Moderate Unreviewed

CVE-2024-43350 was published Aug 19, 2024

Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team wpForo Forum.This... Moderate Unreviewed

CVE-2024-43288 was published Aug 19, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project... Moderate Unreviewed

CVE-2024-43322 was published Aug 19, 2024

Authorization Bypass Through User-Controlled Key vulnerability in WP Job Portal.This issue... Moderate Unreviewed

CVE-2024-43266 was published Aug 19, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Masteriyo Masteriyo - LMS.This... Moderate Unreviewed

CVE-2024-43239 was published Aug 19, 2024

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product... High Unreviewed

CVE-2024-42464 was published Aug 16, 2024

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product... High Unreviewed

CVE-2024-42463 was published Aug 16, 2024

The Custom Field For WP Job Manager plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2023-7049 was published Aug 16, 2024

Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain... Critical Unreviewed

CVE-2024-27730 was published Aug 15, 2024

Previous 1 2 3 4 5 6 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

545 advisories