GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,070
Composer 4,319
Erlang 31
GitHub Actions 21
Go 2,077
Maven 5,250
npm 3,746
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,285

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

568 advisories

Filter by severity

Sort by

Least recently updated

The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... Moderate Unreviewed

CVE-2024-4874 was published Jun 22, 2024

The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed

CVE-2024-5639 was published Jun 21, 2024

Kiuwan provides an API endpoint /saas/rest/v1/info/application to get information about any ... Moderate Unreviewed

CVE-2023-49112 was published Jun 20, 2024

An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity... Moderate Unreviewed

CVE-2024-33373 was published Jun 14, 2024

Authorization Bypass Through User-Controlled Key vulnerability in KiviCare.This issue affects... Moderate Unreviewed

CVE-2024-35659 was published Jun 8, 2024

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-5438 was published Jun 7, 2024

An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including... High Unreviewed

CVE-2024-5130 was published Jun 6, 2024

An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting... High Unreviewed

CVE-2024-5131 was published Jun 6, 2024

An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed

CVE-2024-5128 was published Jun 6, 2024

The contains an IDOR vulnerability that allows a user to comment on a private post by... Moderate Unreviewed

CVE-2024-4886 was published Jun 5, 2024

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11... Moderate Unreviewed

CVE-2024-5258 was published May 23, 2024

An Insecure Direct Object Reference in Google Cloud's Looker allowed metadata exposure across... Moderate Unreviewed

CVE-2024-5166 was published May 22, 2024

In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged... High Unreviewed

CVE-2024-4154 was published May 21, 2024

An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users... High Unreviewed

CVE-2024-4151 was published May 20, 2024

ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct... Moderate Unreviewed

CVE-2024-4843 was published May 16, 2024

An authorization bypass through user-controlled key vulnerability [CWE-639] in... High Unreviewed

CVE-2023-40720 was published May 14, 2024

Globitel KSA SpeechLog v8.1 was discovered to contain an Insecure Direct Object Reference (IDOR)... Unknown Unreviewed

CVE-2024-33818 was published May 14, 2024

IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could... High Unreviewed

CVE-2024-4538 was published May 7, 2024

IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could... High Unreviewed

CVE-2024-4537 was published May 7, 2024

Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress... Moderate Unreviewed

CVE-2024-34383 was published May 6, 2024

SQL injection vulnerability in Vaales Technologies V_QRS v.2024-01-17 allows a remote attacker to... High Unreviewed

CVE-2024-24312 was published May 1, 2024

Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to... High Unreviewed

CVE-2024-33383 was published Apr 30, 2024

ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man... Critical Unreviewed

CVE-2019-19755 was published Apr 30, 2024

Insecure Direct Object References (IDOR) vulnerability in Hospital Management System 1.0 allows... High Unreviewed

CVE-2024-28320 was published Apr 29, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider... Moderate Unreviewed

CVE-2024-33542 was published Apr 29, 2024

Previous 1 2 … 5 6 7 8 9 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

568 advisories