Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,579 advisories

Loading
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due... Moderate Unreviewed
CVE-2024-7380 was published Sep 5, 2024
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to... Moderate Unreviewed
CVE-2024-7381 was published Sep 5, 2024
The Booking for Appointments and Events Calendar – Amelia Premium and Lite plugins for WordPress... Moderate Unreviewed
CVE-2024-6332 was published Sep 5, 2024
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-5309 was published Sep 5, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Critical Unreviewed
CVE-2024-8289 was published Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-8102 was published Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8121 was published Sep 4, 2024
LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability Low
CVE-2023-23611 was published for lti-consumer-xblock (pip) Aug 30, 2024
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to... Moderate Unreviewed
CVE-2024-7858 was published Aug 30, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions... High Unreviewed
CVE-2024-5784 was published Aug 30, 2024
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing... Moderate Unreviewed
CVE-2024-43940 was published Aug 29, 2024
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing... Moderate Unreviewed
CVE-2024-43939 was published Aug 29, 2024
The WP Accessibility Helper (WAH) plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2024-5987 was published Aug 29, 2024
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms... Moderate Unreviewed
CVE-2024-5857 was published Aug 29, 2024
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is... Critical Unreviewed
CVE-2024-7856 was published Aug 29, 2024
'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and... Low Unreviewed
CVE-2024-41918 was published Aug 29, 2024
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with... Moderate Unreviewed
CVE-2024-20413 was published Aug 28, 2024
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed
CVE-2024-8195 was published Aug 28, 2024
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms... Moderate Unreviewed
CVE-2024-7447 was published Aug 28, 2024
The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor,... Moderate Unreviewed
CVE-2024-8199 was published Aug 27, 2024
The Oxygen Builder plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2024-6688 was published Aug 27, 2024
Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2. Moderate Unreviewed
CVE-2024-43214 was published Aug 26, 2024
The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-6631 was published Aug 24, 2024
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of... High Unreviewed
CVE-2024-7258 was published Aug 23, 2024
Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a... Moderate Unreviewed
CVE-2024-43331 was published Aug 22, 2024
ProTip! Advisories are also available from the GraphQL API