GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,992 advisories
Filter by severity
The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-10861
was published
Nov 16, 2024
The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10786
was published
Nov 16, 2024
Improper Access Control in janeczku/calibre-web
Moderate
CVE-2021-3987
was published
for
calibreweb
(pip)
Nov 15, 2024
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-10582
was published
Nov 15, 2024
The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin...
Moderate
Unreviewed
CVE-2024-10897
was published
Nov 15, 2024
Missing permission check in Jenkins Script Security Plugin
Moderate
CVE-2024-52549
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
Nov 13, 2024
In multiple locations, there is a possible cross-user image read due to a missing permission...
Moderate
Unreviewed
CVE-2024-43090
was published
Nov 13, 2024
A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an...
Moderate
Unreviewed
CVE-2024-8001
was published
Nov 13, 2024
The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate
Unreviewed
CVE-2024-10802
was published
Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-10531
was published
Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-10529
was published
Nov 13, 2024
The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to...
Moderate
Unreviewed
CVE-2024-9578
was published
Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-10530
was published
Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10854
was published
Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10853
was published
Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data...
Moderate
Unreviewed
CVE-2024-10852
was published
Nov 13, 2024
The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10717
was published
Nov 13, 2024
Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an...
Moderate
Unreviewed
CVE-2024-42372
was published
Nov 12, 2024
The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate
Unreviewed
CVE-2024-10588
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-10294
was published
Nov 9, 2024
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2024-10824
was published
Nov 8, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges
Moderate
CVE-2024-43431
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due...
Moderate
Unreviewed
CVE-2024-10543
was published
Nov 6, 2024
The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-10535
was published
Nov 6, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6626
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API