GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

165 advisories

Filter by severity

Sort by

Least recently updated

An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24... High Unreviewed

CVE-2023-0985 was published Jul 6, 2023

NGINX Management Suite may allow an authenticated attacker to gain access to configuration... High Unreviewed

CVE-2023-28656 was published Jul 6, 2023

Algan YazÄ±lÄ±m Prens Student Information System product has an authenticated Insecure Direct... High Unreviewed

CVE-2022-2808 was published Jul 6, 2023

Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz... High Unreviewed

CVE-2022-43492 was published Jul 6, 2023

Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker... High Unreviewed

CVE-2022-42175 was published Jul 5, 2023

The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for... High Unreviewed

CVE-2023-3133 was published Jul 4, 2023

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object... High Unreviewed

CVE-2023-3063 was published Jun 30, 2023

Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket... High Unreviewed

CVE-2023-23679 was published Jun 23, 2023

Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin... High Unreviewed

CVE-2023-34000 was published Jun 14, 2023

An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid... High Unreviewed

CVE-2021-33223 was published Jun 7, 2023

Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low... High Unreviewed

CVE-2023-3066 was published Jun 5, 2023

Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows... High Unreviewed

CVE-2023-2883 was published May 25, 2023

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo... High Unreviewed

CVE-2023-2065 was published May 24, 2023

Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition... High Unreviewed

CVE-2023-2702 was published May 23, 2023

Missing Authorization in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. High Unreviewed

CVE-2023-2844 was published May 23, 2023

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in... High Unreviewed

CVE-2023-2548 was published May 16, 2023

Improper Authorization of Index Containing Sensitive Information in GitHub repository alfio-event... High Unreviewed

CVE-2023-2260 was published Apr 24, 2023

An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11... High Unreviewed

CVE-2018-17455 was published Apr 16, 2023

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before... High Unreviewed

CVE-2018-17449 was published Apr 16, 2023

The listed versions of Nexx Smart Home devices lack proper access control when executing actions.... High Unreviewed

CVE-2023-1750 was published Apr 4, 2023

An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the... High Unreviewed

CVE-2023-26984 was published Mar 29, 2023

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the... High Unreviewed

CVE-2023-28686 was published Mar 24, 2023

Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information... High Unreviewed

CVE-2023-1462 was published Mar 21, 2023

The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not... High Unreviewed

CVE-2023-0865 was published Mar 20, 2023

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed... High Unreviewed

CVE-2023-25403 was published Mar 4, 2023

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

165 advisories