GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
593 advisories
Filter by severity
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-8548
was published
Oct 1, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2024-8349
was published
Sep 25, 2024
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app...
High
Unreviewed
CVE-2024-40652
was published
Sep 11, 2024
Sensitive information disclosure and manipulation due to improper authentication. The following...
High
Unreviewed
CVE-2023-45246
was published
Oct 6, 2023
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows...
High
Unreviewed
CVE-2024-44408
was published
Sep 6, 2024
A missing authorization vulnerability allows a local low-privileged user on the machine to...
High
Unreviewed
CVE-2024-40709
was published
Sep 7, 2024
A missing authorization vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2023-39298
was published
Sep 6, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-8480
was published
Sep 6, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of...
High
Unreviewed
CVE-2024-28215
was published
Mar 7, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-8102
was published
Sep 4, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions...
High
Unreviewed
CVE-2024-5784
was published
Aug 30, 2024
Missing access permissions checks in M-Files Client before 23.5.12598.0 allows elevation of...
High
Unreviewed
CVE-2023-2480
was published
May 25, 2023
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of...
High
Unreviewed
CVE-2024-7258
was published
Aug 23, 2024
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible...
High
Unreviewed
CVE-2024-0038
was published
Feb 16, 2024
Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows...
High
Unreviewed
CVE-2024-43256
was published
Aug 19, 2024
Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not...
High
Unreviewed
CVE-2024-43247
was published
Aug 19, 2024
Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing...
High
Unreviewed
CVE-2024-38699
was published
Aug 13, 2024
Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality...
High
Unreviewed
CVE-2024-37935
was published
Aug 13, 2024
The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and...
High
Unreviewed
CVE-2024-2544
was published
Jun 15, 2024
A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers...
High
Unreviewed
CVE-2023-49980
was published
Mar 21, 2024
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for...
High
Unreviewed
CVE-2023-6696
was published
Jun 15, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification...
High
Unreviewed
CVE-2024-7031
was published
Aug 3, 2024
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
High
Unreviewed
CVE-2024-6698
was published
Aug 1, 2024
A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of...
High
Unreviewed
CVE-2024-39546
was published
Jul 11, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification,...
High
Unreviewed
CVE-2024-6750
was published
Jul 24, 2024
ProTip!
Advisories are also available from the
GraphQL API