GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,135
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
602 advisories
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Moderate, Unreviewed: CVE-2024-13873 was published Feb 22, 2025

Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an...
Moderate, Unreviewed: CVE-2023-24625 was published Mar 24, 2023

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals,...
Low, Unreviewed: CVE-2024-11146 was published Jan 17, 2025

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on...
Moderate, Unreviewed: CVE-2022-40206 was published Nov 9, 2022

Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an...
High, Unreviewed: CVE-2025-0352 was published Feb 20, 2025

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on...
Moderate, Unreviewed: CVE-2022-40205 was published Nov 9, 2022

A vulnerability has been found in Campcodes Online Laundry Management System 1.0 and classified...
Moderate, Unreviewed: CVE-2024-4817 was published May 14, 2024

A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been...
Moderate, Unreviewed: CVE-2024-4819 was published May 14, 2024

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and...
Critical, Unreviewed: CVE-2024-2472 was published Jun 14, 2024

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the...
High, Unreviewed: CVE-2023-28686 was published Mar 24, 2023

An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the...
High, Unreviewed: CVE-2023-26984 was published Mar 29, 2023

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to...
Moderate, Unreviewed: CVE-2024-13740 was published Feb 18, 2025

StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcredential) flow as a...
High, Unreviewed: CVE-2025-26788 was published Feb 14, 2025

Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login...
High, Unreviewed: CVE-2024-1470 was published Feb 29, 2024

An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal,...
High, Unreviewed: CVE-2024-34520 was published Feb 13, 2025

Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view...
Moderate, Unreviewed: CVE-2023-0967 was published Apr 5, 2023

NGINX Management Suite may allow an authenticated attacker to gain access to configuration...
High, Unreviewed: CVE-2023-28656 was published Jul 6, 2023

Insecure direct object reference (IDOR) vulnerability in Anapi Group's h6web, allows an...
Critical, Unreviewed: CVE-2025-1270 was published Feb 13, 2025

The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate, Unreviewed: CVE-2025-0661 was published Feb 13, 2025

The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress...
Moderate, Unreviewed: CVE-2024-13601 was published Feb 12, 2025

The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
Moderate, Unreviewed: CVE-2023-6897 was published Apr 18, 2024

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4,...
Moderate, Unreviewed: CVE-2023-1417 was published Apr 5, 2023

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to...
Moderate, Unreviewed: CVE-2024-6410 was published Jul 10, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review. This...
Moderate, Unreviewed: CVE-2024-32683 was published Apr 19, 2024

The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate, Unreviewed: CVE-2023-6969 was published Mar 13, 2024

ProTip! Advisories are also available from the GraphQL API.