GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,671
NuGet
642
pip
3,288
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
318 advisories
Filter by severity
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a...
Moderate
Unreviewed
CVE-2017-15199
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions...
Moderate
Unreviewed
CVE-2017-15204
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic...
Moderate
Unreviewed
CVE-2017-15208
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a...
Moderate
Unreviewed
CVE-2017-15207
was published
May 13, 2022
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a...
Moderate
Unreviewed
CVE-2017-15201
was published
May 13, 2022
The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly...
Moderate
Unreviewed
CVE-2022-4417
was published
Jan 3, 2023
The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference ...
Moderate
Unreviewed
CVE-2022-4340
was published
Jan 3, 2023
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper...
Moderate
Unreviewed
CVE-2018-10211
was published
May 13, 2022
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive...
Moderate
Unreviewed
CVE-2022-27247
was published
May 14, 2022
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets...
Moderate
Unreviewed
CVE-2022-3511
was published
Nov 28, 2022
The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check...
Moderate
Unreviewed
CVE-2022-3282
was published
Oct 17, 2022
Users with Node Management rights were able to view and edit all nodes due to Insufficient...
Moderate
Unreviewed
CVE-2022-36966
was published
Oct 21, 2022
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and...
Moderate
Unreviewed
CVE-2022-1425
was published
May 17, 2022
usememos/memos vulnerable to Improper Authorization
Moderate
CVE-2022-4802
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Access Control vulnerability
Moderate
CVE-2022-4806
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos vulnerable to Comparison of Object References Instead of Object Contents
Moderate
CVE-2022-4812
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authorization vulnerability
Moderate
CVE-2022-4798
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos Improper Authentication vulnerability
Moderate
CVE-2022-4799
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source...
Moderate
Unreviewed
CVE-2021-40579
was published
Dec 29, 2021
Authorization Bypass Through User-Controlled Key in LiveHelperChat
Moderate
CVE-2022-0266
was published
for
remdex/livehelperchat
(Composer)
Jan 21, 2022
The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP...
Moderate
Unreviewed
CVE-2022-1581
was published
Nov 21, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a...
Moderate
Unreviewed
CVE-2021-25096
was published
Feb 8, 2022
Authorization Bypass Through User-Controlled Key in urijs
Moderate
CVE-2022-0613
was published
for
urijs
(npm)
Feb 17, 2022
An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site...
Moderate
Unreviewed
CVE-2022-24979
was published
Feb 20, 2022
The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user...
Moderate
Unreviewed
CVE-2022-0442
was published
Mar 8, 2022
ProTip!
Advisories are also available from the
GraphQL API