GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,139
Maven: 5,000+
npm: 3,799
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 898
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
185 advisories
Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an...
High | Unreviewed | CVE-2025-0352 was published Feb 20, 2025

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the...
High | Unreviewed | CVE-2023-28686 was published Mar 24, 2023

An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the...
High | Unreviewed | CVE-2023-26984 was published Mar 29, 2023

StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcredential) flow as a...
High | Unreviewed | CVE-2025-26788 was published Feb 14, 2025

Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login...
High | Unreviewed | CVE-2024-1470 was published Feb 29, 2024

An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal,...
High | Unreviewed | CVE-2024-34520 was published Feb 13, 2025

NGINX Management Suite may allow an authenticated attacker to gain access to configuration...
High | Unreviewed | CVE-2023-28656 was published Jul 6, 2023

A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7....
High | Unreviewed | CVE-2023-6317 was published Apr 9, 2024

In Newgensoft OmniDocs 11.0_SP1_03_006, Insecure Direct Object Reference (IDOR) in the...
High | Unreviewed | CVE-2024-39033 was published Feb 6, 2025

The WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features)...
High | Unreviewed | CVE-2024-13694 was published Jan 30, 2025

An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users...
High | Unreviewed | CVE-2024-4151 was published May 20, 2024

In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged...
High | Unreviewed | CVE-2024-4154 was published May 21, 2024

CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow...
High | Unreviewed | CVE-2024-10497 was published Jan 17, 2025

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access...
High | Unreviewed | CVE-2024-42169 was published Jan 11, 2025

An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary...
High | Unreviewed | CVE-2024-1625 was published Apr 10, 2024

The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key...
High | Unreviewed | CVE-2024-13040 was published Dec 31, 2024

An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates)...
High | Unreviewed | CVE-2024-55506 was published Dec 19, 2024

In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass...
High | Unreviewed | CVE-2023-21131 was published Jun 15, 2023

Authorization bypass through user-controlled key vulnerability in streaming service in Synology...
High | Unreviewed | CVE-2024-4464 was published Dec 18, 2024

An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that...
High | Unreviewed | CVE-2022-1949 was published Jun 3, 2022

Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key...
High | Unreviewed | CVE-2024-42422 was published Dec 3, 2024

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High | Unreviewed | CVE-2024-10855 was published Nov 20, 2024

SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized...
High | Unreviewed | CVE-2021-27700 was published Nov 13, 2024

An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet,...
High | Unreviewed | CVE-2024-11318 was published Nov 18, 2024

The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High | Unreviewed | CVE-2024-10174 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API.