GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
318 advisories
Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An...
Moderate, Unreviewed. CVE-2022-38765 was published Dec 9, 2022

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions...
Moderate, Unreviewed. CVE-2022-3995 was published Nov 29, 2022

The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets...
Moderate, Unreviewed. CVE-2022-3511 was published Nov 28, 2022

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP...
Moderate, Unreviewed. CVE-2022-1581 was published Nov 21, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to the use of consecutive IDs in...
Moderate, Unreviewed. CVE-2022-44005 was published Nov 17, 2022

Authorization Bypass in Liferay Portal
Moderate. CVE-2022-42129 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on...
Moderate, Unreviewed. CVE-2022-40206 was published Nov 9, 2022

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on...
Moderate, Unreviewed. CVE-2022-40205 was published Nov 9, 2022

An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4...
Moderate, Unreviewed. CVE-2022-39945 was published Nov 2, 2022

Users with Node Management rights were able to view and edit all nodes due to Insufficient...
Moderate, Unreviewed. CVE-2022-36966 was published Oct 21, 2022

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check...
Moderate, Unreviewed. CVE-2022-3282 was published Oct 17, 2022

An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6...
Moderate, Unreviewed. CVE-2022-3331 was published Oct 17, 2022

Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object...
Moderate, Unreviewed. CVE-2022-42067 was published Oct 14, 2022

In affected versions of Octopus Server it is possible to reveal information about teams via the...
Moderate, Unreviewed. CVE-2022-2828 was published Oct 13, 2022

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master...
Moderate, Unreviewed. CVE-2021-36865 was published Oct 1, 2022

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from...
Moderate, Unreviewed. CVE-2022-1613 was published Sep 27, 2022

The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users...
Moderate, Unreviewed. CVE-2022-1580 was published Sep 20, 2022

The Login No Captcha reCAPTCHA WordPress plugin before 1.7 doesn't check the proper IP address...
Moderate, Unreviewed. CVE-2022-2913 was published Sep 17, 2022

The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly check HTTP...
Moderate, Unreviewed. CVE-2022-2877 was published Sep 17, 2022

Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to...
Moderate, Unreviewed. CVE-2022-32277 was published Sep 7, 2022

The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its...
Moderate, Unreviewed. CVE-2022-2034 was published Aug 29, 2022

The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message...
Moderate, Unreviewed. CVE-2022-2080 was published Aug 29, 2022

The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy...
Moderate, Unreviewed. CVE-2022-2198 was published Aug 23, 2022

Mealie 1.0.0beta3 was discovered to contain an Insecure Direct Object Reference (IDOR)...
Moderate, Unreviewed. CVE-2022-34621 was published Aug 20, 2022

The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a...
Moderate, Unreviewed. CVE-2022-2535 was published Aug 16, 2022