GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
463 advisories

A security defect was discovered in Foundry job-tracker that enabled users to query metadata...
Moderate | Unreviewed | CVE-2023-30960 was published Jul 11, 2023

The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its...
Moderate | Unreviewed | CVE-2023-3219 was published Jul 10, 2023

An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24...
High | Unreviewed | CVE-2023-0985 was published Jul 6, 2023

The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is...
Critical | Unreviewed | CVE-2023-2276 was published Jul 6, 2023

EasyTor Applications – Authorization Bypass - EasyTor Applications may allow authorization...
Critical | Unreviewed | CVE-2023-31182 was published Jul 6, 2023

NGINX Management Suite may allow an authenticated attacker to gain access to configuration...
High | Unreviewed | CVE-2023-28656 was published Jul 6, 2023

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote...
Moderate | Unreviewed | CVE-2023-24842 was published Jul 6, 2023

Algan Yazılım Prens Student Information System product has an authenticated Insecure Direct...
High | Unreviewed | CVE-2022-2808 was published Jul 6, 2023

Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz...
High | Unreviewed | CVE-2022-43492 was published Jul 6, 2023

Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers...
Critical | Unreviewed | CVE-2023-37242 was published Jul 6, 2023

Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker...
High | Unreviewed | CVE-2022-42175 was published Jul 5, 2023

The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for...
High | Unreviewed | CVE-2023-3133 was published Jul 4, 2023

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object...
High | Unreviewed | CVE-2023-3063 was published Jun 30, 2023

Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket...
High | Unreviewed | CVE-2023-23679 was published Jun 23, 2023

Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other...
Moderate | Unreviewed | CVE-2023-26428 was published Jun 20, 2023

The Upload Resume WordPress plugin through 1.2.0 does not validate the captcha parameter when...
Moderate | Unreviewed | CVE-2023-2751 was published Jun 19, 2023

Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin...
High | Unreviewed | CVE-2023-34000 was published Jun 14, 2023

Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows...
Critical | Unreviewed | CVE-2023-3048 was published Jun 13, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0691 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0692 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0693 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0688 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure...
Moderate | Unreviewed | CVE-2023-0694 was published Jun 9, 2023

The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in...
Moderate | Unreviewed | CVE-2023-1889 was published Jun 9, 2023

An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid...
High | Unreviewed | CVE-2021-33223 was published Jun 7, 2023

ProTip! Advisories are also available from the GraphQL API