GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
571 advisories
Filter by severity
A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2024-10121
was published
Oct 18, 2024
The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for...
Critical
Unreviewed
CVE-2024-9263
was published
Oct 17, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
High
Unreviewed
CVE-2024-9215
was published
Oct 17, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary...
Critical
Unreviewed
CVE-2024-9862
was published
Oct 17, 2024
Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability...
Moderate
Unreviewed
CVE-2024-22455
was published
Oct 16, 2024
An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on...
High
Unreviewed
CVE-2024-8040
was published
Oct 16, 2024
The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate
Unreviewed
CVE-2023-7286
was published
Oct 16, 2024
Sensitive information manipulation due to improper authorization. The following products are...
Low
Unreviewed
CVE-2024-49388
was published
Oct 15, 2024
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
High
Unreviewed
CVE-2024-9687
was published
Oct 15, 2024
An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated...
High
Unreviewed
CVE-2024-47495
was published
Oct 11, 2024
A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303...
Moderate
Unreviewed
CVE-2024-9554
was published
Oct 6, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon...
Moderate
Unreviewed
CVE-2024-47316
was published
Oct 5, 2024
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on...
High
Unreviewed
CVE-2024-47657
was published
Oct 4, 2024
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series...
Moderate
Unreviewed
CVE-2024-20513
was published
Oct 2, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9298
was published
Sep 28, 2024
IDOR vulnerability in account profile page
Moderate
CVE-2024-39319
was published
for
aimeos/ai-controller-frontend
(Composer)
Sep 26, 2024
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High
Unreviewed
CVE-2024-8290
was published
Sep 25, 2024
The REST API TO MiniProgram plugin for WordPress is vulnerable to privilege escalation via...
Critical
Unreviewed
CVE-2024-8485
was published
Sep 25, 2024
The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin...
Critical
Unreviewed
CVE-2024-8791
was published
Sep 24, 2024
Puma's header normalization allows for client to clobber proxy set headers
Moderate
CVE-2024-45614
was published
for
puma
(RubyGems)
Sep 20, 2024
Sentry improperly authorizes muting of alert rules
High
CVE-2024-45606
was published
for
sentry
(pip)
Sep 17, 2024
Sentry improperly authorizes deletion of user issue alert notifications
Moderate
CVE-2024-45605
was published
for
sentry
(pip)
Sep 17, 2024
powermail TYPO3 extension has Insecure Direct Object Reference
Moderate
CVE-2024-47047
was published
for
in2code/powermail
(Composer)
Sep 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7...
Low
Unreviewed
CVE-2024-6685
was published
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API