GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
292 advisories
Filter by severity
The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10868
was published
Nov 23, 2024
An authorization bypass through user-controlled key vulnerability has been reported to affect...
Moderate
Unreviewed
CVE-2024-50395
was published
Nov 22, 2024
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10666
was published
Nov 22, 2024
The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10795
was published
Nov 16, 2024
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain...
Moderate
Unreviewed
CVE-2024-50651
was published
Nov 15, 2024
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10794
was published
Nov 13, 2024
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10778
was published
Nov 13, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet...
Moderate
Unreviewed
CVE-2023-47543
was published
Nov 12, 2024
The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10695
was published
Nov 12, 2024
A vulnerability classified as problematic has been found in SourceCodester Hospital Management...
Moderate
Unreviewed
CVE-2024-11073
was published
Nov 11, 2024
The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to...
Moderate
Unreviewed
CVE-2024-10688
was published
Nov 9, 2024
The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate
Unreviewed
CVE-2024-10770
was published
Nov 9, 2024
The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-10669
was published
Nov 9, 2024
The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10667
was published
Nov 9, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2024-10693
was published
Nov 9, 2024
The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-10779
was published
Nov 9, 2024
The User Meta – User Profile Builder and User management plugin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9262
was published
Nov 9, 2024
A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical....
Moderate
Unreviewed
CVE-2024-10654
was published
Nov 1, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9700
was published
Oct 31, 2024
The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing...
Moderate
Unreviewed
CVE-2024-10439
was published
Oct 28, 2024
A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2024-10121
was published
Oct 18, 2024
Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability...
Moderate
Unreviewed
CVE-2024-22455
was published
Oct 16, 2024
Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially...
Moderate
Unreviewed
CVE-2023-32189
was published
Oct 16, 2024
The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate
Unreviewed
CVE-2023-7286
was published
Oct 16, 2024
A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303...
Moderate
Unreviewed
CVE-2024-9554
was published
Oct 6, 2024
ProTip!
Advisories are also available from the
GraphQL API