GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

505 advisories

Filter by severity

Sort by

Least recently updated

The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed

CVE-2024-10688 was published Nov 9, 2024

The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is... Moderate Unreviewed

CVE-2024-10669 was published Nov 9, 2024

The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed

CVE-2024-10770 was published Nov 9, 2024

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10693 was published Nov 9, 2024

The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10667 was published Nov 9, 2024

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-10779 was published Nov 9, 2024

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-9262 was published Nov 9, 2024

This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API... High Unreviewed

CVE-2024-51559 was published Nov 4, 2024

An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to... High Unreviewed

CVE-2024-48217 was published Nov 1, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows... High Unreviewed

CVE-2024-37277 was published Nov 1, 2024

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical.... Moderate Unreviewed

CVE-2024-10654 was published Nov 1, 2024

An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul... High Unreviewed

CVE-2024-51066 was published Oct 31, 2024

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed

CVE-2024-9700 was published Oct 31, 2024

An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in... High Unreviewed

CVE-2024-7473 was published Oct 29, 2024

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability... Critical Unreviewed

CVE-2024-7474 was published Oct 29, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege... Critical Unreviewed

CVE-2024-50483 was published Oct 28, 2024

The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing... Moderate Unreviewed

CVE-2024-10439 was published Oct 28, 2024

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege... High Unreviewed

CVE-2024-9637 was published Oct 26, 2024

A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-10121 was published Oct 18, 2024

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for... Critical Unreviewed

CVE-2024-9263 was published Oct 17, 2024

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary... Critical Unreviewed

CVE-2024-9862 was published Oct 17, 2024

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors... High Unreviewed

CVE-2024-9215 was published Oct 17, 2024

Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability... Moderate Unreviewed

CVE-2024-22455 was published Oct 16, 2024

Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially... Moderate Unreviewed

CVE-2023-32189 was published Oct 16, 2024

An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on... High Unreviewed

CVE-2024-8040 was published Oct 16, 2024

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

505 advisories