Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and... Low Unreviewed
CVE-2022-3343 was published Jan 10, 2023
Economizzer Insecure Direct Object Reference vulnerability Low
CVE-2023-38872 was published for gugoan/economizzer (Composer) Sep 28, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
Sensitive information disclosure due to improper authorization. The following products are... Low Unreviewed
CVE-2023-44205 was published Sep 27, 2023
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments –... Low Unreviewed
CVE-2023-46311 was published Dec 20, 2023
Authorization Bypass in moodle Low
CVE-2024-25983 was published for moodle/moodle (Composer) Feb 19, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects... Low Unreviewed
CVE-2024-30507 was published Mar 29, 2024
@strapi/plugin-content-manager leaks data via relations via the Admin Panel Low
CVE-2024-29181 was published for @strapi/plugin-content-manager (npm) Jun 12, 2024
felixdkatt derrickmehaffy
Bassel17 christiancp100
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7... Low Unreviewed
CVE-2024-6685 was published Sep 17, 2024
Sensitive information manipulation due to improper authorization. The following products are... Low Unreviewed
CVE-2024-49388 was published Oct 15, 2024
Grafana org admin can delete pending invites in different org Low
CVE-2024-10452 was published for github.com/grafana/grafana (Go) Oct 29, 2024
OpenSearch Observability does not properly restrict access to private tenant resources Low
CVE-2024-39901 was published for org.opensearch.plugin:opensearch-observability (Maven) Jul 10, 2024
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer... Low Unreviewed
CVE-2024-12014 was published Dec 20, 2024
Oqtane Framework Insecure Direct Object Reference vulnerability Low
CVE-2024-55186 was published for Oqtane.Client (NuGet) Dec 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database