GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,969 advisories

Filter by severity

Sort by

Least recently updated

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed

CVE-2024-10614 was published Nov 16, 2024

The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to... Moderate Unreviewed

CVE-2024-11085 was published Nov 16, 2024

The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a... Moderate Unreviewed

CVE-2024-10533 was published Nov 16, 2024

The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10786 was published Nov 16, 2024

The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is... Moderate Unreviewed

CVE-2024-10861 was published Nov 16, 2024

The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-10582 was published Nov 15, 2024

The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin... Moderate Unreviewed

CVE-2024-10897 was published Nov 15, 2024

Missing permission check in Jenkins Script Security Plugin Moderate

CVE-2024-52549 was published for org.jenkins-ci.plugins:script-security (Maven) Nov 13, 2024

In multiple locations, there is a possible cross-user image read due to a missing permission... Moderate Unreviewed

CVE-2024-43090 was published Nov 13, 2024

A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an... Moderate Unreviewed

CVE-2024-8001 was published Nov 13, 2024

The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2024-10802 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-10529 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-10530 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-10531 was published Nov 13, 2024

The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to... Moderate Unreviewed

CVE-2024-9578 was published Nov 13, 2024

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10854 was published Nov 13, 2024

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10853 was published Nov 13, 2024

The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10717 was published Nov 13, 2024

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data... Moderate Unreviewed

CVE-2024-10852 was published Nov 13, 2024

Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an... Moderate Unreviewed

CVE-2024-42372 was published Nov 12, 2024

The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing... Moderate Unreviewed

CVE-2024-10588 was published Nov 9, 2024

The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2024-10294 was published Nov 9, 2024

An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed

CVE-2024-10824 was published Nov 8, 2024

Moodle's IDOR in badges allows deletion of arbitrary badges Moderate

CVE-2024-43431 was published for moodle/moodle (Composer) Nov 7, 2024

The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed

CVE-2024-10543 was published Nov 6, 2024

Previous 1 2 3 4 5 … 78 79 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,969 advisories