Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability... Low Unreviewed
CVE-2024-9097 was published Feb 5, 2025
TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals,... Low Unreviewed
CVE-2024-11146 was published Jan 17, 2025
Oqtane Framework Insecure Direct Object Reference vulnerability Low
CVE-2024-55186 was published for Oqtane.Client (NuGet) Dec 20, 2024
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer... Low Unreviewed
CVE-2024-12014 was published Dec 20, 2024
Grafana org admin can delete pending invites in different org Low
CVE-2024-10452 was published for github.com/grafana/grafana (Go) Oct 29, 2024
Sensitive information manipulation due to improper authorization. The following products are... Low Unreviewed
CVE-2024-49388 was published Oct 15, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7... Low Unreviewed
CVE-2024-6685 was published Sep 17, 2024
OpenSearch Observability does not properly restrict access to private tenant resources Low
CVE-2024-39901 was published for org.opensearch.plugin:opensearch-observability (Maven) Jul 10, 2024
@strapi/plugin-content-manager leaks data via relations via the Admin Panel Low
CVE-2024-29181 was published for @strapi/plugin-content-manager (npm) Jun 12, 2024
felixdkatt derrickmehaffy
Bassel17 christiancp100
Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects... Low Unreviewed
CVE-2024-30507 was published Mar 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments –... Low Unreviewed
CVE-2023-46311 was published Dec 20, 2023
Economizzer Insecure Direct Object Reference vulnerability Low
CVE-2023-38872 was published for gugoan/economizzer (Composer) Sep 28, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
Sensitive information disclosure due to improper authorization. The following products are... Low Unreviewed
CVE-2023-44205 was published Sep 27, 2023
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and... Low Unreviewed
CVE-2022-3343 was published Jan 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database