GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,307
Composer 4,131
Erlang 29
GitHub Actions 19
Go 1,936
Maven 5,130
npm 3,671
NuGet 642
pip 3,288
Pub 10
RubyGems 873
Rust 828
Swift 35

Unreviewed advisories

All unreviewed 230,256

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

318 advisories

Filter by severity

Sort by

Least recently updated

Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An... Moderate Unreviewed

CVE-2022-38765 was published Dec 9, 2022

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions... Moderate Unreviewed

CVE-2022-3995 was published Nov 29, 2022

The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets... Moderate Unreviewed

CVE-2022-3511 was published Nov 28, 2022

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP... Moderate Unreviewed

CVE-2022-1581 was published Nov 21, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to the use of consecutive IDs in... Moderate Unreviewed

CVE-2022-44005 was published Nov 17, 2022

Authorization Bypass in Liferay Portal Moderate

CVE-2022-42129 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on... Moderate Unreviewed

CVE-2022-40206 was published Nov 9, 2022

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on... Moderate Unreviewed

CVE-2022-40205 was published Nov 9, 2022

An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4... Moderate Unreviewed

CVE-2022-39945 was published Nov 2, 2022

Users with Node Management rights were able to view and edit all nodes due to Insufficient... Moderate Unreviewed

CVE-2022-36966 was published Oct 21, 2022

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check... Moderate Unreviewed

CVE-2022-3282 was published Oct 17, 2022

An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6... Moderate Unreviewed

CVE-2022-3331 was published Oct 17, 2022

Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object... Moderate Unreviewed

CVE-2022-42067 was published Oct 14, 2022

In affected versions of Octopus Server it is possible to reveal information about teams via the... Moderate Unreviewed

CVE-2022-2828 was published Oct 13, 2022

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master... Moderate Unreviewed

CVE-2021-36865 was published Oct 1, 2022

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from... Moderate Unreviewed

CVE-2022-1613 was published Sep 27, 2022

The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users... Moderate Unreviewed

CVE-2022-1580 was published Sep 20, 2022

The Login No Captcha reCAPTCHA WordPress plugin before 1.7 doesn't check the proper IP address... Moderate Unreviewed

CVE-2022-2913 was published Sep 17, 2022

The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP... Moderate Unreviewed

CVE-2022-2877 was published Sep 17, 2022

Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to... Moderate Unreviewed

CVE-2022-32277 was published Sep 7, 2022

The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its... Moderate Unreviewed

CVE-2022-2034 was published Aug 29, 2022

The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message... Moderate Unreviewed

CVE-2022-2080 was published Aug 29, 2022

The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy ... Moderate Unreviewed

CVE-2022-2198 was published Aug 23, 2022

Mealie 1.0.0beta3 was discovered to contain an Insecure Direct Object Reference (IDOR)... Moderate Unreviewed

CVE-2022-34621 was published Aug 20, 2022

The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a... Moderate Unreviewed

CVE-2022-2535 was published Aug 16, 2022

Previous 1 2 … 6 7 8 9 10 11 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

318 advisories