GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Oqtane Framework Insecure Direct Object Reference vulnerability
Low
CVE-2024-55186
was published
for
Oqtane.Client
(NuGet)
Dec 20, 2024
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer...
Low
Unreviewed
CVE-2024-12014
was published
Dec 20, 2024
Grafana org admin can delete pending invites in different org
Low
CVE-2024-10452
was published
for
github.com/grafana/grafana
(Go)
Oct 29, 2024
Sensitive information manipulation due to improper authorization. The following products are...
Low
Unreviewed
CVE-2024-49388
was published
Oct 15, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7...
Low
Unreviewed
CVE-2024-6685
was published
Sep 17, 2024
OpenSearch Observability does not properly restrict access to private tenant resources
Low
CVE-2024-39901
was published
for
org.opensearch.plugin:opensearch-observability
(Maven)
Jul 10, 2024
@strapi/plugin-content-manager leaks data via relations via the Admin Panel
Low
CVE-2024-29181
was published
for
@strapi/plugin-content-manager
(npm)
Jun 12, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects...
Low
Unreviewed
CVE-2024-30507
was published
Mar 29, 2024
Authorization Bypass in moodle
Low
CVE-2024-25983
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments –...
Low
Unreviewed
CVE-2023-46311
was published
Dec 20, 2023
Economizzer Insecure Direct Object Reference vulnerability
Low
CVE-2023-38872
was published
for
gugoan/economizzer
(Composer)
Sep 28, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following...
Low
Unreviewed
CVE-2023-44154
was published
Sep 27, 2023
Sensitive information disclosure due to improper authorization. The following products are...
Low
Unreviewed
CVE-2023-44205
was published
Sep 27, 2023
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and...
Low
Unreviewed
CVE-2022-3343
was published
Jan 10, 2023
ProTip!
Advisories are also available from the
GraphQL API