GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

269 advisories

Filter by severity

Sort by

Least recently updated

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects... Moderate Unreviewed

CVE-2024-30543 was published Mar 31, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed

CVE-2024-30513 was published Mar 29, 2024

Duplicate Advisory: Grafana vulnerable to authorization bypass Moderate

GHSA-mh7p-8m2f-qrm6 was published for github.com/grafana/grafana (Go) Mar 26, 2024 • withdrawn

An authorization bypass was discovered in the Carrier MASmobile Classic application through 1.16... Moderate Unreviewed

CVE-2023-36483 was published Mar 16, 2024

The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct... Moderate Unreviewed

CVE-2024-0366 was published Feb 6, 2024

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is... Moderate Unreviewed

CVE-2023-6983 was published Feb 6, 2024

The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0... Moderate Unreviewed

CVE-2023-7199 was published Jan 29, 2024

The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for... Moderate Unreviewed

CVE-2023-6384 was published Jan 22, 2024

Omission of user-controlled key authorization in the IDMSistemas platform, affecting the QSige... Moderate Unreviewed

CVE-2024-0580 was published Jan 18, 2024

Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience... Moderate Unreviewed

CVE-2023-7031 was published Jan 17, 2024

An issue in webkul qloapps before v1.6.0 allows an attacker to obtain sensitive information via... Moderate Unreviewed

CVE-2023-36235 was published Jan 17, 2024

The LearnPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... Moderate Unreviewed

CVE-2023-6223 was published Jan 11, 2024

The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct... Moderate Unreviewed

CVE-2023-6630 was published Jan 11, 2024

An Authorization Bypass Through User-Controlled Key vulnerability [CWE-639] affecting PortiPortal... Moderate Unreviewed

CVE-2023-48783 was published Jan 10, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully... Moderate Unreviewed

CVE-2023-51503 was published Dec 31, 2023

Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to... Moderate Unreviewed

CVE-2023-46646 was published Dec 21, 2023

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce... Moderate Unreviewed

CVE-2023-32747 was published Dec 21, 2023

Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP... Moderate Unreviewed

CVE-2023-49765 was published Dec 21, 2023

Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress... Moderate Unreviewed

CVE-2023-47191 was published Dec 21, 2023

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple... Moderate Unreviewed

CVE-2023-32799 was published Dec 21, 2023

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial... Moderate Unreviewed

CVE-2023-36520 was published Dec 20, 2023

Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart... Moderate Unreviewed

CVE-2023-41796 was published Dec 20, 2023

Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media... Moderate Unreviewed

CVE-2023-38513 was published Dec 20, 2023

Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream.This issue affects... Moderate Unreviewed

CVE-2022-43450 was published Dec 20, 2023

Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap... Moderate Unreviewed

CVE-2023-49812 was published Dec 19, 2023

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

269 advisories