GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,486

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Filter by severity

Sort by

Least recently updated

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10868 was published Nov 23, 2024

An authorization bypass through user-controlled key vulnerability has been reported to affect... Moderate Unreviewed

CVE-2024-50395 was published Nov 22, 2024

The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10666 was published Nov 22, 2024

The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10795 was published Nov 16, 2024

java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain... Moderate Unreviewed

CVE-2024-50651 was published Nov 15, 2024

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10794 was published Nov 13, 2024

The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10778 was published Nov 13, 2024

An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet... Moderate Unreviewed

CVE-2023-47543 was published Nov 12, 2024

The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10695 was published Nov 12, 2024

A vulnerability classified as problematic has been found in SourceCodester Hospital Management... Moderate Unreviewed

CVE-2024-11073 was published Nov 11, 2024

The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed

CVE-2024-10688 was published Nov 9, 2024

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10693 was published Nov 9, 2024

The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed

CVE-2024-10770 was published Nov 9, 2024

The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is... Moderate Unreviewed

CVE-2024-10669 was published Nov 9, 2024

The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed

CVE-2024-10667 was published Nov 9, 2024

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-10779 was published Nov 9, 2024

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-9262 was published Nov 9, 2024

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical.... Moderate Unreviewed

CVE-2024-10654 was published Nov 1, 2024

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed

CVE-2024-9700 was published Oct 31, 2024

The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing... Moderate Unreviewed

CVE-2024-10439 was published Oct 28, 2024

A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-10121 was published Oct 18, 2024

Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability... Moderate Unreviewed

CVE-2024-22455 was published Oct 16, 2024

Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially... Moderate Unreviewed

CVE-2023-32189 was published Oct 16, 2024

The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed

CVE-2023-7286 was published Oct 16, 2024

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303... Moderate Unreviewed

CVE-2024-9554 was published Oct 6, 2024

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

292 advisories