GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
265 advisories
The QSige Monitor application does not have an access control mechanism to verify whether the...
Moderate | Unreviewed | CVE-2023-4099 was published Oct 3, 2023
An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a...
Moderate | Unreviewed | CVE-2023-42334 was published Sep 20, 2023
The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107,...
Moderate | Unreviewed | CVE-2023-41368 was published Sep 14, 2023
** UNSUPPORTED WHEN ASSIGNED ** An IDOR vulnerability has been found in ZKTeco ZEM800 product...
Moderate | Unreviewed | CVE-2023-4587 was published Sep 4, 2023
The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up...
Moderate | Unreviewed | CVE-2023-2173 was published Aug 31, 2023
The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up...
Moderate | Unreviewed | CVE-2023-2172 was published Aug 31, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0689 was published Aug 31, 2023
The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users...
Moderate | Unreviewed | CVE-2023-4023 was published Aug 30, 2023
The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via...
Moderate | Unreviewed | CVE-2023-4036 was published Aug 30, 2023
An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate...
Moderate | Unreviewed | CVE-2023-27576 was published Aug 18, 2023
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting...
Moderate | Unreviewed | CVE-2023-3601 was published Aug 14, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.10 before 15...
Moderate | Unreviewed | CVE-2023-2190 was published Jul 13, 2023
A security defect was discovered in Foundry job-tracker that enabled users to query metadata...
Moderate | Unreviewed | CVE-2023-30960 was published Jul 11, 2023
A security defect was identified in Foundry Comments that enabled a user to discover the contents...
Moderate | Unreviewed | CVE-2023-30956 was published Jul 11, 2023
The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its...
Moderate | Unreviewed | CVE-2023-3219 was published Jul 10, 2023
HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote...
Moderate | Unreviewed | CVE-2023-24842 was published Jul 6, 2023
Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other...
Moderate | Unreviewed | CVE-2023-26428 was published Jun 20, 2023
The Upload Resume WordPress plugin through 1.2.0 does not validate the captcha parameter when...
Moderate | Unreviewed | CVE-2023-2751 was published Jun 19, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0694 was published Jun 9, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0691 was published Jun 9, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0692 was published Jun 9, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0693 was published Jun 9, 2023
The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in...
Moderate | Unreviewed | CVE-2023-1889 was published Jun 9, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0688 was published Jun 9, 2023
Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows...
Moderate | Unreviewed | CVE-2023-30216 was published May 4, 2023