Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

192 advisories

Loading
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully... High Unreviewed
CVE-2023-35916 was published Dec 20, 2023
An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal... High Unreviewed
CVE-2023-45893 was published Jan 2, 2024
An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an... High Unreviewed
CVE-2023-45892 was published Jan 2, 2024
HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A... High Unreviewed
CVE-2023-50342 was published Jan 3, 2024
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe... High Unreviewed
CVE-2023-51502 was published Jan 5, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as... High Unreviewed
CVE-2024-0264 was published Jan 7, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate... High Unreviewed
CVE-2023-49251 was published Jan 9, 2024
The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure... High Unreviewed
CVE-2024-23747 was published Jan 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder... High Unreviewed
CVE-2024-22305 was published Jan 31, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MİA-MED... High Unreviewed
CVE-2023-6515 was published Feb 8, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering... High Unreviewed
CVE-2023-6724 was published Feb 9, 2024
Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login... High Unreviewed
CVE-2024-1470 was published Feb 29, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7... High Unreviewed
CVE-2024-23112 was published Mar 12, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task... High Unreviewed
CVE-2024-2575 was published Mar 18, 2024
A vulnerability classified as critical was found in SourceCodester Employee Task Management... High Unreviewed
CVE-2024-2574 was published Mar 18, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task... High Unreviewed
CVE-2024-2576 was published Mar 18, 2024
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and... High Unreviewed
CVE-2024-2577 was published Mar 18, 2024
OneUptime Vulnerable to a Privilege Escalation via Local Storage Key Manipulation High
CVE-2024-29194 was published for @oneuptime/common-server (npm) Mar 25, 2024
saunders-jake
Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows... High Unreviewed
CVE-2023-6523 was published Apr 5, 2024
Grafana: Users outside an organization can delete a snapshot with its key High
CVE-2024-1313 was published for github.com/grafana/grafana (Go) Apr 5, 2024
jaypanu42 PlayerX555
aviv320i
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7.... High Unreviewed
CVE-2023-6317 was published Apr 9, 2024
Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control... High Unreviewed
CVE-2024-32166 was published Apr 19, 2024
Insecure Direct Object References (IDOR) vulnerability in Hospital Management System 1.0 allows... High Unreviewed
CVE-2024-28320 was published Apr 29, 2024
Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to... High Unreviewed
CVE-2024-33383 was published Apr 30, 2024
SQL injection vulnerability in Vaales Technologies V_QRS v.2024-01-17 allows a remote attacker to... High Unreviewed
CVE-2024-24312 was published May 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database