Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

209 advisories

Loading
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate... High Unreviewed
CVE-2023-49251 was published Jan 9, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as... High Unreviewed
CVE-2024-0264 was published Jan 7, 2024
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe... High Unreviewed
CVE-2023-51502 was published Jan 5, 2024
HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A... High Unreviewed
CVE-2023-50342 was published Jan 3, 2024
An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal... High Unreviewed
CVE-2023-45893 was published Jan 2, 2024
An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an... High Unreviewed
CVE-2023-45892 was published Jan 2, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully... High Unreviewed
CVE-2023-35916 was published Dec 20, 2023
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions... High Unreviewed
CVE-2023-35914 was published Dec 20, 2023
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square... High Unreviewed
CVE-2023-35876 was published Dec 20, 2023
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This... High Unreviewed
CVE-2023-37871 was published Dec 20, 2023
EuroTel ETL3100 versions v01c01 and v01x37 are vulnerable to insecure direct object... High Unreviewed
CVE-2023-6929 was published Dec 20, 2023
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference... High Unreviewed
CVE-2023-48641 was published Dec 12, 2023
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that... High Unreviewed
CVE-2023-49298 was published Nov 24, 2023
An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of... High Unreviewed
CVE-2023-38884 was published Nov 20, 2023
AsyncSSH Rogue Session Attack High
CVE-2023-46446 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor lambdafu
In the module "Order Duplicator " Clone and Delete Existing Order" (orderduplicate) in version <=... High Unreviewed
CVE-2023-45380 was published Nov 8, 2023
An issue in minCal v.1.0.0 allows a remote attacker to execute arbitrary code via a crafted... High Unreviewed
CVE-2023-46478 was published Oct 31, 2023
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA... High Unreviewed
CVE-2022-24401 was published Oct 19, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)... High Unreviewed
CVE-2023-38218 was published Oct 13, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2023-4934 was published Sep 27, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... High Unreviewed
CVE-2023-44206 was published Sep 27, 2023
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object... High Unreviewed
CVE-2023-4213 was published Sep 13, 2023
SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to... High Unreviewed
CVE-2020-10130 was published Sep 6, 2023
Keylime registrar and (untrusted) Agent can be bypassed by an attacker High
CVE-2023-38201 was published for keylime (pip) Sep 6, 2023
Netmaker IDOR Allows User to Update Other User's Password High
CVE-2023-32078 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database