GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
186 advisories
Filter by severity
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High
Unreviewed
CVE-2024-10174
was published
Nov 13, 2024
This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API...
High
Unreviewed
CVE-2024-51559
was published
Nov 4, 2024
An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to...
High
Unreviewed
CVE-2024-48217
was published
Nov 1, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows...
High
Unreviewed
CVE-2024-37277
was published
Nov 1, 2024
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul...
High
Unreviewed
CVE-2024-51066
was published
Oct 31, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9637
was published
Oct 26, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
High
Unreviewed
CVE-2024-9215
was published
Oct 17, 2024
An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on...
High
Unreviewed
CVE-2024-8040
was published
Oct 16, 2024
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
High
Unreviewed
CVE-2024-9687
was published
Oct 15, 2024
An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated...
High
Unreviewed
CVE-2024-47495
was published
Oct 11, 2024
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on...
High
Unreviewed
CVE-2024-47657
was published
Oct 4, 2024
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High
Unreviewed
CVE-2024-8290
was published
Sep 25, 2024
Sentry improperly authorizes muting of alert rules
High
CVE-2024-45606
was published
for
sentry
(pip)
Sep 17, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub...
High
Unreviewed
CVE-2024-3306
was published
Sep 12, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its...
High
Unreviewed
CVE-2024-45786
was published
Sep 11, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
High
Unreviewed
CVE-2024-8601
was published
Sep 9, 2024
The ForumWP – Forum & Discussion Board Plugin plugin for WordPress is vulnerable to Privilege...
High
Unreviewed
CVE-2024-8428
was published
Sep 6, 2024
A bug in the 9p authentication implementation within lib9p allows an attacker with an existing...
High
Unreviewed
CVE-2024-8158
was published
Aug 26, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Checkout Plugins Stripe...
High
Unreviewed
CVE-2024-43315
was published
Aug 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product...
High
Unreviewed
CVE-2024-42464
was published
Aug 16, 2024
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product...
High
Unreviewed
CVE-2024-42463
was published
Aug 16, 2024
NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request...
High
Unreviewed
CVE-2024-38447
was published
Jul 17, 2024
Sylius has a security vulnerability via adjustments API endpoint
High
CVE-2024-40633
was published
for
sylius/sylius
(Composer)
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API