GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,203

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

892 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via... Moderate Unreviewed

CVE-2021-40352 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are... High Unreviewed

CVE-2021-36032 was published May 24, 2022

The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference... High Unreviewed

CVE-2021-22023 was published May 24, 2022

The bulletin function of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37212 was published May 24, 2022

The employee management page of Flygo contains Insecure Direct Object Reference (IDOR)... High Unreviewed

CVE-2021-37214 was published May 24, 2022

Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user... High Unreviewed

CVE-2021-36801 was published May 24, 2022

The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing... Moderate Unreviewed

CVE-2021-24473 was published May 24, 2022

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2021-35337 was published May 24, 2022

JetPack Exposure of Resource to Wrong Sphere Moderate

CVE-2021-24374 was published for automattic/jetpack (Composer) May 24, 2022

An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience... Moderate Unreviewed

CVE-2021-31927 was published May 24, 2022

Windows TCP/IP Driver Security Feature Bypass Vulnerability Moderate Unreviewed

CVE-2021-31970 was published May 24, 2022

Two authorization bypass through user-controlled key vulnerabilities in the Fortinet... Moderate Unreviewed

CVE-2020-6641 was published May 24, 2022

The Listeo WordPress theme before 1.6.11 did not ensure that the Post/Page and Booking to delete... Moderate Unreviewed

CVE-2021-24318 was published May 24, 2022

Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability... Moderate Unreviewed

CVE-2020-8297 was published May 24, 2022

Magento Insecure Direct Object Reference (IDOR) in the product module Moderate

CVE-2021-21022 was published for magento/community-edition (Composer) May 24, 2022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the... Moderate Unreviewed

CVE-2020-36231 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed

CVE-2021-21013 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed

CVE-2021-21012 was published May 24, 2022

In tangro Business Workflow before 1.18.1, knowing an attachment ID, it is possible to download... Moderate Unreviewed

CVE-2020-26178 was published May 24, 2022

An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >=... Moderate Unreviewed

CVE-2020-13357 was published May 24, 2022

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software... Moderate Unreviewed

CVE-2020-26068 was published May 24, 2022

An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows... Moderate Unreviewed

CVE-2020-27742 was published May 24, 2022

iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has... Critical Unreviewed

CVE-2020-16088 was published May 24, 2022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles... Moderate Unreviewed

CVE-2020-14174 was published May 24, 2022

An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code... High Unreviewed

CVE-2019-15310 was published May 24, 2022

Previous 1…31…36 Next

Previous 1 2 … 29 30 31 32 33 34 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

892 advisories