GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,131
Erlang: 29
GitHub Actions: 19
Go: 1,936
Maven: 5,000+
npm: 3,671
NuGet: 642
pip: 3,288
Pub: 10
RubyGems: 873
Rust: 828
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
473 advisories
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
Severity: High (Unreviewed). CVE-2024-9687 was published Oct 15, 2024

An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated...
Severity: High (Unreviewed). CVE-2024-47495 was published Oct 11, 2024

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303...
Severity: Moderate (Unreviewed). CVE-2024-9554 was published Oct 6, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon...
Severity: Moderate (Unreviewed). CVE-2024-47316 was published Oct 5, 2024

This vulnerability exists in the Shilpi Net Back Office due to improper access controls on...
Severity: High (Unreviewed). CVE-2024-47657 was published Oct 4, 2024

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series...
Severity: Moderate (Unreviewed). CVE-2024-20513 was published Oct 2, 2024

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Severity: Moderate (Unreviewed). CVE-2024-9298 was published Sep 28, 2024

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
Severity: High (Unreviewed). CVE-2024-8290 was published Sep 25, 2024

The REST API TO MiniProgram plugin for WordPress is vulnerable to privilege escalation via...
Severity: Critical (Unreviewed). CVE-2024-8485 was published Sep 25, 2024

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin...
Severity: Critical (Unreviewed). CVE-2024-8791 was published Sep 24, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7...
Severity: Low (Unreviewed). CVE-2024-6685 was published Sep 17, 2024

An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties...
Severity: Critical (Unreviewed). CVE-2024-46937 was published Sep 16, 2024

The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all...
Severity: Moderate (Unreviewed). CVE-2022-3459 was published Sep 16, 2024

An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object...
Severity: Moderate (Unreviewed). CVE-2024-25270 was published Sep 12, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub...
Severity: High (Unreviewed). CVE-2024-3306 was published Sep 12, 2024

An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the...
Severity: Critical (Unreviewed). CVE-2024-27113 was published Sep 11, 2024

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its...
Severity: High (Unreviewed). CVE-2024-45786 was published Sep 11, 2024

An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer...
Severity: Moderate (Unreviewed). CVE-2023-44254 was published Sep 10, 2024

A vulnerability has been identified in Industrial Edge Management Pro (All versions < V1.9.5),...
Severity: Critical (Unreviewed). CVE-2024-45032 was published Sep 10, 2024

This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
Severity: High (Unreviewed). CVE-2024-8601 was published Sep 9, 2024

The ForumWP – Forum & Discussion Board Plugin plugin for WordPress is vulnerable to Privilege...
Severity: High (Unreviewed). CVE-2024-8428 was published Sep 6, 2024

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to...
Severity: Critical (Unreviewed). CVE-2024-8292 was published Sep 6, 2024

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure...
Severity: Moderate (Unreviewed). CVE-2024-8123 was published Sep 4, 2024

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view...
Severity: Moderate (Unreviewed). CVE-2024-40395 was published Aug 27, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project...
Severity: Moderate (Unreviewed). CVE-2024-43916 was published Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API.