GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,579 advisories
Filter by severity
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due...
Moderate
Unreviewed
CVE-2024-7380
was published
Sep 5, 2024
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to...
Moderate
Unreviewed
CVE-2024-7381
was published
Sep 5, 2024
The Booking for Appointments and Events Calendar – Amelia Premium and Lite plugins for WordPress...
Moderate
Unreviewed
CVE-2024-6332
was published
Sep 5, 2024
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5309
was published
Sep 5, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress...
Critical
Unreviewed
CVE-2024-8289
was published
Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-8102
was published
Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8121
was published
Sep 4, 2024
LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability
Low
CVE-2023-23611
was published
for
lti-consumer-xblock
(pip)
Aug 30, 2024
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to...
Moderate
Unreviewed
CVE-2024-7858
was published
Aug 30, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions...
High
Unreviewed
CVE-2024-5784
was published
Aug 30, 2024
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing...
Moderate
Unreviewed
CVE-2024-43940
was published
Aug 29, 2024
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing...
Moderate
Unreviewed
CVE-2024-43939
was published
Aug 29, 2024
The WP Accessibility Helper (WAH) plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-5987
was published
Aug 29, 2024
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms...
Moderate
Unreviewed
CVE-2024-5857
was published
Aug 29, 2024
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is...
Critical
Unreviewed
CVE-2024-7856
was published
Aug 29, 2024
'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and...
Low
Unreviewed
CVE-2024-41918
was published
Aug 29, 2024
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with...
Moderate
Unreviewed
CVE-2024-20413
was published
Aug 28, 2024
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due...
Moderate
Unreviewed
CVE-2024-8195
was published
Aug 28, 2024
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms...
Moderate
Unreviewed
CVE-2024-7447
was published
Aug 28, 2024
The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor,...
Moderate
Unreviewed
CVE-2024-8199
was published
Aug 27, 2024
The Oxygen Builder plugin for WordPress is vulnerable to unauthorized modification of data due to...
Moderate
Unreviewed
CVE-2024-6688
was published
Aug 27, 2024
Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2.
Moderate
Unreviewed
CVE-2024-43214
was published
Aug 26, 2024
The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-6631
was published
Aug 24, 2024
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of...
High
Unreviewed
CVE-2024-7258
was published
Aug 23, 2024
Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a...
Moderate
Unreviewed
CVE-2024-43331
was published
Aug 22, 2024
ProTip!
Advisories are also available from the
GraphQL API