GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
730 advisories
The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as...
High | Unreviewed | CVE-2022-3846 was published Dec 5, 2022

Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An...
Moderate | Unreviewed | CVE-2022-38765 was published Dec 9, 2022

The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an...
Moderate | Unreviewed | CVE-2022-3930 was published Dec 12, 2022

The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing...
Moderate | Unreviewed | CVE-2022-4097 was published Dec 12, 2022

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.
High | Unreviewed | CVE-2022-4505 was published Dec 15, 2022

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A...
Critical | Unreviewed | CVE-2021-4226 was published Dec 15, 2022

A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate | Unreviewed | CVE-2022-3876 was published Dec 19, 2022

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX...
Moderate | Unreviewed | CVE-2022-3794 was published Dec 22, 2022

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various...
High | Unreviewed | CVE-2022-3805 was published Dec 22, 2022

usememos/memos Authorization Bypass Through User-Controlled Key vulnerability
Critical | CVE-2022-4686 was published for github.com/usememos/memos (Go) Dec 23, 2022

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the...
Moderate | Unreviewed | CVE-2022-4239 was published Dec 26, 2022

usememos/memos Improper Authorization vulnerability
Moderate | CVE-2022-4798 was published for github.com/usememos/memos (Go) Dec 28, 2022

usememos/memos Improper Authentication vulnerability
Moderate | CVE-2022-4799 was published for github.com/usememos/memos (Go) Dec 28, 2022

usememos/memos Improper Access Control vulnerability
High | CVE-2022-4803 was published for github.com/usememos/memos (Go) Dec 28, 2022

usememos/memos vulnerable to Improper Authorization
Moderate | CVE-2022-4802 was published for github.com/usememos/memos (Go) Dec 28, 2022

usememos/memos Improper Access Control vulnerability
Moderate | CVE-2022-4806 was published for github.com/usememos/memos (Go) Dec 28, 2022

usememos/memos Improper Authorization vulnerability
Moderate | CVE-2022-4811 was published for github.com/usememos/memos (Go) Dec 28, 2022

usememos/memos vulnerable to Comparison of Object References Instead of Object Contents
Moderate | CVE-2022-4812 was published for github.com/usememos/memos (Go) Dec 28, 2022

The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly...
Moderate | Unreviewed | CVE-2022-4417 was published Jan 3, 2023

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference ...
Moderate | Unreviewed | CVE-2022-4340 was published Jan 3, 2023

The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and...
Low | Unreviewed | CVE-2022-3343 was published Jan 10, 2023

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object...
High | Unreviewed | CVE-2022-40319 was published Jan 17, 2023

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java...
High | Unreviewed | CVE-2022-45927 was published Jan 19, 2023

Instructure Canvas LMS didn't properly deny access to locked/unpublished files when the...
Moderate | Unreviewed | CVE-2021-36539 was published Jan 26, 2023

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate | Unreviewed | CVE-2023-0550 was published Jan 27, 2023