GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
619 advisories
Filter by severity
The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10868
was published
Nov 23, 2024
An authorization bypass through user-controlled key vulnerability has been reported to affect...
Moderate
Unreviewed
CVE-2024-50395
was published
Nov 22, 2024
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10666
was published
Nov 22, 2024
Moodle IDOR when deleting OAuth2 linked accounts
Moderate
CVE-2024-45690
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
Moodle IDOR when accessing list of course badges
Moderate
CVE-2024-48899
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-10855
was published
Nov 20, 2024
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet,...
High
Unreviewed
CVE-2024-11318
was published
Nov 18, 2024
The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10795
was published
Nov 16, 2024
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain...
Moderate
Unreviewed
CVE-2024-50651
was published
Nov 15, 2024
Improper Authorization in dolibarr/dolibarr
Moderate
CVE-2021-3991
was published
for
dolibarr/dolibarr
(Composer)
Nov 15, 2024
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10794
was published
Nov 13, 2024
The WP Project Manager – Task, team, and project management plugin featuring kanban board and...
High
Unreviewed
CVE-2024-10174
was published
Nov 13, 2024
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10778
was published
Nov 13, 2024
SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized...
High
Unreviewed
CVE-2021-27700
was published
Nov 13, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet...
Moderate
Unreviewed
CVE-2023-47543
was published
Nov 12, 2024
The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10695
was published
Nov 12, 2024
A vulnerability classified as problematic has been found in SourceCodester Hospital Management...
Moderate
Unreviewed
CVE-2024-11073
was published
Nov 11, 2024
The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to...
Moderate
Unreviewed
CVE-2024-10688
was published
Nov 9, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10693
was published
Nov 9, 2024
The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate
Unreviewed
CVE-2024-10770
was published
Nov 9, 2024
The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-10669
was published
Nov 9, 2024
The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10667
was published
Nov 9, 2024
The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-10779
was published
Nov 9, 2024
The User Meta – User Profile Builder and User management plugin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9262
was published
Nov 9, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges
Moderate
CVE-2024-43431
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
ProTip!
Advisories are also available from the
GraphQL API