GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

512 advisories

Filter by severity

Sort by

Least recently updated

The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10795 was published Nov 16, 2024

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10794 was published Nov 13, 2024

The WP Project Manager – Task, team, and project management plugin featuring kanban board and... High Unreviewed

CVE-2024-10174 was published Nov 13, 2024

The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10778 was published Nov 13, 2024

An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet... Moderate Unreviewed

CVE-2023-47543 was published Nov 12, 2024

The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10695 was published Nov 12, 2024

The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed

CVE-2024-10688 was published Nov 9, 2024

The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is... Moderate Unreviewed

CVE-2024-10669 was published Nov 9, 2024

The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed

CVE-2024-10770 was published Nov 9, 2024

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10693 was published Nov 9, 2024

The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10667 was published Nov 9, 2024

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-10779 was published Nov 9, 2024

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-9262 was published Nov 9, 2024

This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API... High Unreviewed

CVE-2024-51559 was published Nov 4, 2024

An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to... High Unreviewed

CVE-2024-48217 was published Nov 1, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows... High Unreviewed

CVE-2024-37277 was published Nov 1, 2024

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical.... Moderate Unreviewed

CVE-2024-10654 was published Nov 1, 2024

An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul... High Unreviewed

CVE-2024-51066 was published Oct 31, 2024

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed

CVE-2024-9700 was published Oct 31, 2024

An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in... High Unreviewed

CVE-2024-7473 was published Oct 29, 2024

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability... Critical Unreviewed

CVE-2024-7474 was published Oct 29, 2024

Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege... Critical Unreviewed

CVE-2024-50483 was published Oct 28, 2024

The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing... Moderate Unreviewed

CVE-2024-10439 was published Oct 28, 2024

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege... High Unreviewed

CVE-2024-9637 was published Oct 26, 2024

A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-10121 was published Oct 18, 2024

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

512 advisories