Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,579 advisories

Loading
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred... Critical Unreviewed
CVE-2024-45168 was published Aug 22, 2024
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2024-7030 was published Aug 21, 2024
The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-7390 was published Aug 21, 2024
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data... Moderate Unreviewed
CVE-2024-7032 was published Aug 21, 2024
The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is... Moderate Unreviewed
CVE-2024-6883 was published Aug 21, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-5940 was published Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-5939 was published Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-5941 was published Aug 20, 2024
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them Critical
CVE-2024-43401 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 19, 2024
floerer
Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing... Moderate Unreviewed
CVE-2024-43326 was published Aug 19, 2024
Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows... High Unreviewed
CVE-2024-43256 was published Aug 19, 2024
Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not... High Unreviewed
CVE-2024-43247 was published Aug 19, 2024
Missing Authorization vulnerability in Automattic Sensei LMS, Automattic Sensei Pro (WC Paid... Moderate Unreviewed
CVE-2024-35686 was published Aug 19, 2024
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2023-4027 was published Aug 17, 2024
The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2023-4730 was published Aug 17, 2024
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2023-4024 was published Aug 17, 2024
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2023-4025 was published Aug 17, 2024
The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to... Critical Unreviewed
CVE-2024-6500 was published Aug 17, 2024
Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing... High Unreviewed
CVE-2024-38699 was published Aug 13, 2024
Missing Authorization vulnerability in Igor Benić Recipe Maker For Your Food Blog from Zip... Moderate Unreviewed
CVE-2024-38688 was published Aug 13, 2024
Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality... High Unreviewed
CVE-2024-37935 was published Aug 13, 2024
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for... Moderate Unreviewed
CVE-2024-42373 was published Aug 13, 2024
SAP Document Builder does not perform necessary authorization checks for one of the function... Moderate Unreviewed
CVE-2024-39591 was published Aug 13, 2024
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an... Moderate Unreviewed
CVE-2024-41734 was published Aug 13, 2024
SAP shared service framework allows an authenticated non-administrative user to call a remote... Moderate Unreviewed
CVE-2024-42377 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API