Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,678 advisories

Loading
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10900 was published Nov 20, 2024
Missing Authorization vulnerability in QunatumCloud Floating Buttons for WooCommerce allows... Moderate Unreviewed
CVE-2024-52395 was published Nov 19, 2024
Missing Authorization vulnerability in Zakaria Binsaifullah Easy Accordion Gutenberg Block allows... Moderate Unreviewed
CVE-2024-51660 was published Nov 19, 2024
Missing Authorization vulnerability in CodeZel Combo WP Rewrite Slugs allows Exploiting... Moderate Unreviewed
CVE-2024-51817 was published Nov 19, 2024
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting... Moderate Unreviewed
CVE-2024-49697 was published Nov 19, 2024
Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2024-49680 was published Nov 19, 2024
Missing Authorization vulnerability in BoldThemes Bold Page Builder allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2024-50417 was published Nov 19, 2024
Missing Authorization vulnerability in Harmonic Design HD Quiz – Save Results Light allows... Moderate Unreviewed
CVE-2024-49689 was published Nov 19, 2024
The WordPress GDPR plugin for WordPress is vulnerable to unauthorized loss of data due to a... Moderate Unreviewed
CVE-2024-11069 was published Nov 19, 2024
The Google for WooCommerce plugin for WordPress is vulnerable to Information Disclosure in all... Moderate Unreviewed
CVE-2024-10486 was published Nov 19, 2024
The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-10390 was published Nov 18, 2024
In Bitcoin Core before 25.0, a peer can affect the download state of other peers by sending a... Moderate Unreviewed
CVE-2024-52921 was published Nov 18, 2024
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2024-10614 was published Nov 16, 2024
The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a... Moderate Unreviewed
CVE-2024-10533 was published Nov 16, 2024
The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to... Moderate Unreviewed
CVE-2024-11085 was published Nov 16, 2024
The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is... Moderate Unreviewed
CVE-2024-10861 was published Nov 16, 2024
The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-10786 was published Nov 16, 2024
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-10582 was published Nov 15, 2024
The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin... Moderate Unreviewed
CVE-2024-10897 was published Nov 15, 2024
In multiple locations, there is a possible cross-user image read due to a missing permission... Moderate Unreviewed
CVE-2024-43090 was published Nov 13, 2024
A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an... Moderate Unreviewed
CVE-2024-8001 was published Nov 13, 2024
The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2024-10802 was published Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-10529 was published Nov 13, 2024
The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to... Moderate Unreviewed
CVE-2024-9578 was published Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-10531 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database