GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
169 advisories
Filter by severity
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-10855
was published
Nov 20, 2024
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet,...
High
Unreviewed
CVE-2024-11318
was published
Nov 18, 2024
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High
Unreviewed
CVE-2024-10174
was published
Nov 13, 2024
SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized...
High
Unreviewed
CVE-2021-27700
was published
Nov 13, 2024
This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API...
High
Unreviewed
CVE-2024-51559
was published
Nov 4, 2024
An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to...
High
Unreviewed
CVE-2024-48217
was published
Nov 1, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows...
High
Unreviewed
CVE-2024-37277
was published
Nov 1, 2024
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul...
High
Unreviewed
CVE-2024-51066
was published
Oct 31, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9637
was published
Oct 26, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
High
Unreviewed
CVE-2024-9215
was published
Oct 17, 2024
An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on...
High
Unreviewed
CVE-2024-8040
was published
Oct 16, 2024
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
High
Unreviewed
CVE-2024-9687
was published
Oct 15, 2024
An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated...
High
Unreviewed
CVE-2024-47495
was published
Oct 11, 2024
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on...
High
Unreviewed
CVE-2024-47657
was published
Oct 4, 2024
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High
Unreviewed
CVE-2024-8290
was published
Sep 25, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub...
High
Unreviewed
CVE-2024-3306
was published
Sep 12, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its...
High
Unreviewed
CVE-2024-45786
was published
Sep 11, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
High
Unreviewed
CVE-2024-8601
was published
Sep 9, 2024
The ForumWP – Forum & Discussion Board Plugin plugin for WordPress is vulnerable to Privilege...
High
Unreviewed
CVE-2024-8428
was published
Sep 6, 2024
A bug in the 9p authentication implementation within lib9p allows an attacker with an existing...
High
Unreviewed
CVE-2024-8158
was published
Aug 26, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Checkout Plugins Stripe...
High
Unreviewed
CVE-2024-43315
was published
Aug 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product...
High
Unreviewed
CVE-2024-42463
was published
Aug 16, 2024
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product...
High
Unreviewed
CVE-2024-42464
was published
Aug 16, 2024
NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request...
High
Unreviewed
CVE-2024-38447
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API