Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,613
NuGet
638
pip
3,210
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

534 advisories

Loading
An authorization bypass through user-controlled key vulnerability [CWE-639] in... High Unreviewed
CVE-2023-40720 was published May 14, 2024
Globitel KSA SpeechLog v8.1 was discovered to contain an Insecure Direct Object Reference (IDOR)... Unknown Unreviewed
CVE-2024-33818 was published May 14, 2024
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could... High Unreviewed
CVE-2024-4538 was published May 7, 2024
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could... High Unreviewed
CVE-2024-4537 was published May 7, 2024
Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress... Moderate Unreviewed
CVE-2024-34383 was published May 6, 2024
SQL injection vulnerability in Vaales Technologies V_QRS v.2024-01-17 allows a remote attacker to... High Unreviewed
CVE-2024-24312 was published May 1, 2024
Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to... High Unreviewed
CVE-2024-33383 was published Apr 30, 2024
Insecure Direct Object References (IDOR) vulnerability in Hospital Management System 1.0 allows... High Unreviewed
CVE-2024-28320 was published Apr 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider... Moderate Unreviewed
CVE-2024-33542 was published Apr 29, 2024
An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, partially... Critical Unreviewed
CVE-2024-33668 was published Apr 26, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-32772 was published Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-32808 was published Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP... Moderate Unreviewed
CVE-2024-32823 was published Apr 24, 2024
Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control... High Unreviewed
CVE-2024-32166 was published Apr 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This... Moderate Unreviewed
CVE-2024-32683 was published Apr 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This... Moderate Unreviewed
CVE-2024-32604 was published Apr 18, 2024
A potential security vulnerability has been identified in HPE FlexFabric and FlexNetwork series... Moderate Unreviewed
CVE-2024-22439 was published Apr 15, 2024
Reportico affected by Incorrect Access Control Moderate
CVE-2023-48865 was published for reportico-web/reportico (Composer) Apr 12, 2024
An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-51141 was published Apr 11, 2024
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7.... High Unreviewed
CVE-2023-6317 was published Apr 9, 2024
Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker... Unknown Unreviewed
CVE-2024-27630 was published Apr 8, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress... Moderate Unreviewed
CVE-2024-31296 was published Apr 7, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-31291 was published Apr 7, 2024
Grafana: Users outside an organization can delete a snapshot with its key Moderate
CVE-2024-1313 was published for github.com/grafana/grafana (Go) Apr 5, 2024
jaypanu42 PlayerX555
aviv320i
Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows... High Unreviewed
CVE-2023-6523 was published Apr 5, 2024
ProTip! Advisories are also available from the GraphQL API