GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,207
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,109
Maven 5,284
npm 3,766
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 887
Swift 37

Unreviewed advisories

All unreviewed 243,521

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

580 advisories

Filter by severity

Sort by

Least recently updated

The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10666 was published Nov 22, 2024

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized... High Unreviewed

CVE-2024-10855 was published Nov 20, 2024

An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet,... High Unreviewed

CVE-2024-11318 was published Nov 18, 2024

The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10795 was published Nov 16, 2024

java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain... Moderate Unreviewed

CVE-2024-50651 was published Nov 15, 2024

The WP Project Manager – Task, team, and project management plugin featuring kanban board and... High Unreviewed

CVE-2024-10174 was published Nov 13, 2024

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10794 was published Nov 13, 2024

The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10778 was published Nov 13, 2024

SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized... High Unreviewed

CVE-2021-27700 was published Nov 13, 2024

An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet... Moderate Unreviewed

CVE-2023-47543 was published Nov 12, 2024

The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10695 was published Nov 12, 2024

A vulnerability classified as problematic has been found in SourceCodester Hospital Management... Moderate Unreviewed

CVE-2024-11073 was published Nov 11, 2024

The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed

CVE-2024-10688 was published Nov 9, 2024

The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed

CVE-2024-10770 was published Nov 9, 2024

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10693 was published Nov 9, 2024

The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10667 was published Nov 9, 2024

The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is... Moderate Unreviewed

CVE-2024-10669 was published Nov 9, 2024

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-9262 was published Nov 9, 2024

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-10779 was published Nov 9, 2024

This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API... High Unreviewed

CVE-2024-51559 was published Nov 4, 2024

An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to... High Unreviewed

CVE-2024-48217 was published Nov 1, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows... High Unreviewed

CVE-2024-37277 was published Nov 1, 2024

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical.... Moderate Unreviewed

CVE-2024-10654 was published Nov 1, 2024

An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul... High Unreviewed

CVE-2024-51066 was published Oct 31, 2024

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed

CVE-2024-9700 was published Oct 31, 2024

Previous 1 2 3 4 5 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

580 advisories