GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,133
Erlang: 29
GitHub Actions: 19
Go: 1,939
Maven: 5,000+
npm: 3,677
NuGet: 643
pip: 3,295
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
480 advisories

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for...
Severity: Critical. Unreviewed. CVE-2024-9263 was published Oct 17, 2024.

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
Severity: High. Unreviewed. CVE-2024-9215 was published Oct 17, 2024.

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary...
Severity: Critical. Unreviewed. CVE-2024-9862 was published Oct 17, 2024.

Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability...
Severity: Moderate. Unreviewed. CVE-2024-22455 was published Oct 16, 2024.

An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on...
Severity: High. Unreviewed. CVE-2024-8040 was published Oct 16, 2024.

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference...
Severity: Moderate. Unreviewed. CVE-2023-7286 was published Oct 16, 2024.

Sensitive information manipulation due to improper authorization. The following products are...
Severity: Low. Unreviewed. CVE-2024-49388 was published Oct 15, 2024.

The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
Severity: High. Unreviewed. CVE-2024-9687 was published Oct 15, 2024.

An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated...
Severity: High. Unreviewed. CVE-2024-47495 was published Oct 11, 2024.

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303...
Severity: Moderate. Unreviewed. CVE-2024-9554 was published Oct 6, 2024.

Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon...
Severity: Moderate. Unreviewed. CVE-2024-47316 was published Oct 5, 2024.

This vulnerability exists in the Shilpi Net Back Office due to improper access controls on...
Severity: High. Unreviewed. CVE-2024-47657 was published Oct 4, 2024.

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series...
Severity: Moderate. Unreviewed. CVE-2024-20513 was published Oct 2, 2024.

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Severity: Moderate. Unreviewed. CVE-2024-9298 was published Sep 28, 2024.

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
Severity: High. Unreviewed. CVE-2024-8290 was published Sep 25, 2024.

The REST API TO MiniProgram plugin for WordPress is vulnerable to privilege escalation via...
Severity: Critical. Unreviewed. CVE-2024-8485 was published Sep 25, 2024.

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin...
Severity: Critical. Unreviewed. CVE-2024-8791 was published Sep 24, 2024.

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7...
Severity: Low. Unreviewed. CVE-2024-6685 was published Sep 17, 2024.

An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties...
Severity: Critical. Unreviewed. CVE-2024-46937 was published Sep 16, 2024.

The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all...
Severity: Moderate. Unreviewed. CVE-2022-3459 was published Sep 16, 2024.

An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object...
Severity: Moderate. Unreviewed. CVE-2024-25270 was published Sep 12, 2024.

Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub...
Severity: High. Unreviewed. CVE-2024-3306 was published Sep 12, 2024.

An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the...
Severity: Critical. Unreviewed. CVE-2024-27113 was published Sep 11, 2024.

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its...
Severity: High. Unreviewed. CVE-2024-45786 was published Sep 11, 2024.

An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer...
Severity: Moderate. Unreviewed. CVE-2023-44254 was published Sep 10, 2024.

ProTip! Advisories are also available from the GraphQL API.