GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,458

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

280 advisories

Filter by severity

Sort by

Least recently updated

The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed

CVE-2024-10688 was published Nov 9, 2024

The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed

CVE-2024-10770 was published Nov 9, 2024

The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10667 was published Nov 9, 2024

The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is... Moderate Unreviewed

CVE-2024-10669 was published Nov 9, 2024

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10693 was published Nov 9, 2024

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-10779 was published Nov 9, 2024

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-9262 was published Nov 9, 2024

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical.... Moderate Unreviewed

CVE-2024-10654 was published Nov 1, 2024

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed

CVE-2024-9700 was published Oct 31, 2024

The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing... Moderate Unreviewed

CVE-2024-10439 was published Oct 28, 2024

A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-10121 was published Oct 18, 2024

Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability... Moderate Unreviewed

CVE-2024-22455 was published Oct 16, 2024

Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially... Moderate Unreviewed

CVE-2023-32189 was published Oct 16, 2024

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed

CVE-2023-7286 was published Oct 16, 2024

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303... Moderate Unreviewed

CVE-2024-9554 was published Oct 6, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon... Moderate Unreviewed

CVE-2024-47316 was published Oct 5, 2024

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... Moderate Unreviewed

CVE-2024-20513 was published Oct 2, 2024

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been... Moderate Unreviewed

CVE-2024-9298 was published Sep 28, 2024

The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all... Moderate Unreviewed

CVE-2022-3459 was published Sep 16, 2024

An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object... Moderate Unreviewed

CVE-2024-25270 was published Sep 12, 2024

An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer... Moderate Unreviewed

CVE-2023-44254 was published Sep 10, 2024

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure... Moderate Unreviewed

CVE-2024-8123 was published Sep 4, 2024

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view... Moderate Unreviewed

CVE-2024-40395 was published Aug 27, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project... Moderate Unreviewed

CVE-2024-43916 was published Aug 26, 2024

The User Private Files – WordPress File Sharing Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-7848 was published Aug 22, 2024

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

280 advisories