GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,000 advisories
Filter by severity
The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
High
Unreviewed
CVE-2024-10629
was published
Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data...
Moderate
Unreviewed
CVE-2024-10852
was published
Nov 13, 2024
Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an...
Moderate
Unreviewed
CVE-2024-42372
was published
Nov 12, 2024
Cash Operations does not perform necessary authorization check for an authenticated user,...
Low
Unreviewed
CVE-2024-47587
was published
Nov 12, 2024
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized...
Critical
Unreviewed
CVE-2024-10589
was published
Nov 9, 2024
The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation...
High
Unreviewed
CVE-2024-10674
was published
Nov 9, 2024
The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
High
Unreviewed
CVE-2024-10673
was published
Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate
Unreviewed
CVE-2024-10588
was published
Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
Critical
Unreviewed
CVE-2024-10586
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-10294
was published
Nov 9, 2024
sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin...
Critical
Unreviewed
CVE-2024-48073
was published
Nov 9, 2024
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2024-10824
was published
Nov 8, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges
Moderate
CVE-2024-43431
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due...
Moderate
Unreviewed
CVE-2024-10543
was published
Nov 6, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6626
was published
Nov 6, 2024
The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-10535
was published
Nov 6, 2024
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-7429
was published
Nov 5, 2024
Missing Authorization vulnerability in WPChill Strong Testimonials allows Exploiting Incorrectly...
Moderate
Unreviewed
CVE-2024-47362
was published
Nov 1, 2024
Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency...
Moderate
Unreviewed
CVE-2024-44006
was published
Nov 1, 2024
Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured...
Moderate
Unreviewed
CVE-2024-44031
was published
Nov 1, 2024
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension...
Moderate
Unreviewed
CVE-2024-44019
was published
Nov 1, 2024
Missing Authorization vulnerability in Truepush allows Exploiting Incorrectly Configured Access...
Moderate
Unreviewed
CVE-2024-44021
was published
Nov 1, 2024
Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not...
Moderate
Unreviewed
CVE-2024-43998
was published
Nov 1, 2024
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not...
Moderate
Unreviewed
CVE-2024-43974
was published
Nov 1, 2024
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not...
Moderate
Unreviewed
CVE-2024-43979
was published
Nov 1, 2024
ProTip!
Advisories are also available from the
GraphQL API