GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

463 advisories

Filter by severity

Sort by

Least recently updated

A security defect was discovered in Foundry job-tracker that enabled users to query metadata... Moderate Unreviewed

CVE-2023-30960 was published Jul 11, 2023

The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its... Moderate Unreviewed

CVE-2023-3219 was published Jul 10, 2023

An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24... High Unreviewed

CVE-2023-0985 was published Jul 6, 2023

The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is... Critical Unreviewed

CVE-2023-2276 was published Jul 6, 2023

EasyTor Applications – Authorization Bypass - EasyTor Applications may allow authorization... Critical Unreviewed

CVE-2023-31182 was published Jul 6, 2023

NGINX Management Suite may allow an authenticated attacker to gain access to configuration... High Unreviewed

CVE-2023-28656 was published Jul 6, 2023

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote... Moderate Unreviewed

CVE-2023-24842 was published Jul 6, 2023

Algan YazÄ±lÄ±m Prens Student Information System product has an authenticated Insecure Direct... High Unreviewed

CVE-2022-2808 was published Jul 6, 2023

Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz... High Unreviewed

CVE-2022-43492 was published Jul 6, 2023

Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers... Critical Unreviewed

CVE-2023-37242 was published Jul 6, 2023

Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker... High Unreviewed

CVE-2022-42175 was published Jul 5, 2023

The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for... High Unreviewed

CVE-2023-3133 was published Jul 4, 2023

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object... High Unreviewed

CVE-2023-3063 was published Jun 30, 2023

Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket... High Unreviewed

CVE-2023-23679 was published Jun 23, 2023

Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other... Moderate Unreviewed

CVE-2023-26428 was published Jun 20, 2023

The Upload Resume WordPress plugin through 1.2.0 does not validate the captcha parameter when... Moderate Unreviewed

CVE-2023-2751 was published Jun 19, 2023

Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin... High Unreviewed

CVE-2023-34000 was published Jun 14, 2023

Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows... Critical Unreviewed

CVE-2023-3048 was published Jun 13, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure... Moderate Unreviewed

CVE-2023-0691 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure... Moderate Unreviewed

CVE-2023-0692 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure... Moderate Unreviewed

CVE-2023-0693 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure... Moderate Unreviewed

CVE-2023-0688 was published Jun 9, 2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure... Moderate Unreviewed

CVE-2023-0694 was published Jun 9, 2023

The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in... Moderate Unreviewed

CVE-2023-1889 was published Jun 9, 2023

An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid... High Unreviewed

CVE-2021-33223 was published Jun 7, 2023

Previous 1 2 … 5 6 7 8 9 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

463 advisories