Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

696 advisories

Loading
Authorization Bypass Through User-Controlled Key vulnerability in Ricard Torres Thumbs Rating... Critical Unreviewed
CVE-2024-31095 was published Mar 31, 2024
Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects... Moderate Unreviewed
CVE-2024-30543 was published Mar 31, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-30513 was published Mar 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects... Low Unreviewed
CVE-2024-30507 was published Mar 29, 2024
Duplicate Advisory: Grafana vulnerable to authorization bypass Moderate
GHSA-mh7p-8m2f-qrm6 was published for github.com/grafana/grafana (Go) Mar 26, 2024 withdrawn
OneUptime Vulnerable to a Privilege Escalation via Local Storage Key Manipulation High
CVE-2024-29194 was published for @oneuptime/common-server (npm) Mar 25, 2024
saunders-jake
Improper authorization in the report management and creation module of BMC Control-M branches 9.0... Moderate Unreviewed
CVE-2024-1604 was published Mar 18, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task... High Unreviewed
CVE-2024-2576 was published Mar 18, 2024
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and... High Unreviewed
CVE-2024-2577 was published Mar 18, 2024
A vulnerability classified as critical was found in SourceCodester Employee Task Management... High Unreviewed
CVE-2024-2574 was published Mar 18, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task... High Unreviewed
CVE-2024-2575 was published Mar 18, 2024
An authorization bypass was discovered in the Carrier MASmobile Classic application through 1.16... Moderate Unreviewed
CVE-2023-36483 was published Mar 16, 2024
Bagisto vulnerable to Insecure Direct Object Reference (IDOR) Moderate
CVE-2023-36238 was published for bagisto/bagisto (Composer) Mar 13, 2024
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed
CVE-2023-6969 was published Mar 13, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7... High Unreviewed
CVE-2024-23112 was published Mar 12, 2024
Authorization Bypass Through User-Controlled Key in go-zero Critical
CVE-2024-27302 was published for github.com/zeromicro/go-zero (Go) Mar 4, 2024
cokeBeer
Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login... High Unreviewed
CVE-2024-1470 was published Feb 29, 2024
Authorization Bypass in moodle Moderate
CVE-2024-25983 was published for moodle/moodle (Composer) Feb 19, 2024
Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to... Moderate Unreviewed
CVE-2023-49339 was published Feb 13, 2024
The MapPress Maps for WordPress plugin before 2.88.16 does not ensure that posts to be retrieve... Moderate Unreviewed
CVE-2024-0421 was published Feb 12, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering... High Unreviewed
CVE-2023-6724 was published Feb 9, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MİA-MED... High Unreviewed
CVE-2023-6515 was published Feb 8, 2024
The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct... Moderate Unreviewed
CVE-2024-0366 was published Feb 6, 2024
The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is... Moderate Unreviewed
CVE-2023-6983 was published Feb 6, 2024
Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder... High Unreviewed
CVE-2024-22305 was published Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database