Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,831
Erlang
36
GitHub Actions
33
Go
2,451
Maven
5,000+
npm
4,073
NuGet
723
pip
3,868
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

249 advisories

Loading
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square... High Unreviewed
CVE-2023-35876 was published Dec 20, 2023
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions... High Unreviewed
CVE-2023-35914 was published Dec 20, 2023
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully... High Unreviewed
CVE-2023-35916 was published Dec 20, 2023
An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an... High Unreviewed
CVE-2023-45892 was published Jan 2, 2024
An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal... High Unreviewed
CVE-2023-45893 was published Jan 2, 2024
HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A... High Unreviewed
CVE-2023-50342 was published Jan 3, 2024
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe... High Unreviewed
CVE-2023-51502 was published Jan 5, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as... High Unreviewed
CVE-2024-0264 was published Jan 7, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate... High Unreviewed
CVE-2023-49251 was published Jan 9, 2024
The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure... High Unreviewed
CVE-2024-23747 was published Jan 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder... High Unreviewed
CVE-2024-22305 was published Jan 31, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MİA-MED... High Unreviewed
CVE-2023-6515 was published Feb 8, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering... High Unreviewed
CVE-2023-6724 was published Feb 9, 2024
Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login... High Unreviewed
CVE-2024-1470 was published Feb 29, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7... High Unreviewed
CVE-2024-23112 was published Mar 12, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task... High Unreviewed
CVE-2024-2575 was published Mar 18, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task... High Unreviewed
CVE-2024-2576 was published Mar 18, 2024
A vulnerability classified as critical was found in SourceCodester Employee Task Management... High Unreviewed
CVE-2024-2574 was published Mar 18, 2024
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and... High Unreviewed
CVE-2024-2577 was published Mar 18, 2024
OneUptime Vulnerable to a Privilege Escalation via Local Storage Key Manipulation High
CVE-2024-29194 was published for @oneuptime/common-server (npm) Mar 25, 2024
saunders-jake
Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows... High Unreviewed
CVE-2023-6523 was published Apr 5, 2024
Grafana: Users outside an organization can delete a snapshot with its key High
CVE-2024-1313 was published for github.com/grafana/grafana (Go) Apr 5, 2024
jaypanu42 PlayerX555
aviv320i
Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker... High Unreviewed
CVE-2024-27630 was published Apr 8, 2024
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7.... High Unreviewed
CVE-2023-6317 was published Apr 9, 2024
An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-1625 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database