Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

255 advisories

Loading
IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify... Moderate Unreviewed
CVE-2024-31898 was published Jun 30, 2024
The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in... Moderate Unreviewed
CVE-2024-5942 was published Jun 29, 2024
The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... Moderate Unreviewed
CVE-2024-4874 was published Jun 22, 2024
The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed
CVE-2024-5639 was published Jun 21, 2024
Kiuwan provides an API endpoint /saas/rest/v1/info/application to get information about any ... Moderate Unreviewed
CVE-2023-49112 was published Jun 20, 2024
Authorization Bypass Through User-Controlled Key vulnerability in KiviCare.This issue affects... Moderate Unreviewed
CVE-2024-35659 was published Jun 8, 2024
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-5438 was published Jun 7, 2024
The contains an IDOR vulnerability that allows a user to comment on a private post by... Moderate Unreviewed
CVE-2024-4886 was published Jun 5, 2024
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11... Moderate Unreviewed
CVE-2024-5258 was published May 23, 2024
An Insecure Direct Object Reference in Google Cloud's Looker allowed metadata exposure across... Moderate Unreviewed
CVE-2024-5166 was published May 22, 2024
ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct... Moderate Unreviewed
CVE-2024-4843 was published May 16, 2024
Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress... Moderate Unreviewed
CVE-2024-34383 was published May 6, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider... Moderate Unreviewed
CVE-2024-33542 was published Apr 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-32772 was published Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP... Moderate Unreviewed
CVE-2024-32823 was published Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-32808 was published Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This... Moderate Unreviewed
CVE-2024-32683 was published Apr 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This... Moderate Unreviewed
CVE-2024-32604 was published Apr 18, 2024
A potential security vulnerability has been identified in HPE FlexFabric and FlexNetwork series... Moderate Unreviewed
CVE-2024-22439 was published Apr 15, 2024
An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-51141 was published Apr 11, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress... Moderate Unreviewed
CVE-2024-31296 was published Apr 7, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-31291 was published Apr 7, 2024
Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects... Moderate Unreviewed
CVE-2024-30543 was published Mar 31, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-30513 was published Mar 29, 2024
An authorization bypass was discovered in the Carrier MASmobile Classic application through 1.16... Moderate Unreviewed
CVE-2023-36483 was published Mar 16, 2024
ProTip! Advisories are also available from the GraphQL API