GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
605 advisories
Filter by severity
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10794
was published
Nov 13, 2024
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High
Unreviewed
CVE-2024-10174
was published
Nov 13, 2024
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10778
was published
Nov 13, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet...
Moderate
Unreviewed
CVE-2023-47543
was published
Nov 12, 2024
The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10695
was published
Nov 12, 2024
The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to...
Moderate
Unreviewed
CVE-2024-10688
was published
Nov 9, 2024
The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-10669
was published
Nov 9, 2024
The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate
Unreviewed
CVE-2024-10770
was published
Nov 9, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10693
was published
Nov 9, 2024
The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10667
was published
Nov 9, 2024
The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-10779
was published
Nov 9, 2024
The User Meta – User Profile Builder and User management plugin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9262
was published
Nov 9, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges
Moderate
CVE-2024-43431
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
Moderate
CVE-2024-43438
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API...
High
Unreviewed
CVE-2024-51559
was published
Nov 4, 2024
An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to...
High
Unreviewed
CVE-2024-48217
was published
Nov 1, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows...
High
Unreviewed
CVE-2024-37277
was published
Nov 1, 2024
A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical....
Moderate
Unreviewed
CVE-2024-10654
was published
Nov 1, 2024
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul...
High
Unreviewed
CVE-2024-51066
was published
Oct 31, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9700
was published
Oct 31, 2024
Grafana org admin can delete pending invites in different org
Low
CVE-2024-10452
was published
for
github.com/grafana/grafana
(Go)
Oct 29, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability...
Critical
Unreviewed
CVE-2024-7474
was published
Oct 29, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege...
Critical
Unreviewed
CVE-2024-50483
was published
Oct 28, 2024
The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing...
Moderate
Unreviewed
CVE-2024-10439
was published
Oct 28, 2024
ProTip!
Advisories are also available from the
GraphQL API