GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
173 advisories
Filter by severity
In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass...
High
Unreviewed
CVE-2023-21131
was published
Jun 15, 2023
Authorization bypass through user-controlled key vulnerability in streaming service in Synology...
High
Unreviewed
CVE-2024-4464
was published
Dec 18, 2024
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that...
High
Unreviewed
CVE-2022-1949
was published
Jun 3, 2022
Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key...
High
Unreviewed
CVE-2024-42422
was published
Dec 3, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-10855
was published
Nov 20, 2024
SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized...
High
Unreviewed
CVE-2021-27700
was published
Nov 13, 2024
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet,...
High
Unreviewed
CVE-2024-11318
was published
Nov 18, 2024
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High
Unreviewed
CVE-2024-10174
was published
Nov 13, 2024
This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API...
High
Unreviewed
CVE-2024-51559
was published
Nov 4, 2024
An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to...
High
Unreviewed
CVE-2024-48217
was published
Nov 1, 2024
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul...
High
Unreviewed
CVE-2024-51066
was published
Oct 31, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows...
High
Unreviewed
CVE-2024-37277
was published
Nov 1, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9637
was published
Oct 26, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
High
Unreviewed
CVE-2024-9215
was published
Oct 17, 2024
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on...
High
Unreviewed
CVE-2024-47657
was published
Oct 4, 2024
An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on...
High
Unreviewed
CVE-2024-8040
was published
Oct 16, 2024
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
High
Unreviewed
CVE-2024-9687
was published
Oct 15, 2024
An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated...
High
Unreviewed
CVE-2024-47495
was published
Oct 11, 2024
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including...
High
Unreviewed
CVE-2024-5130
was published
Jun 6, 2024
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting...
High
Unreviewed
CVE-2024-5131
was published
Jun 6, 2024
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High
Unreviewed
CVE-2024-8290
was published
Sep 25, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub...
High
Unreviewed
CVE-2024-3306
was published
Sep 12, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its...
High
Unreviewed
CVE-2024-45786
was published
Sep 11, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
High
Unreviewed
CVE-2024-8601
was published
Sep 9, 2024
ProTip!
Advisories are also available from the
GraphQL API