Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,579 advisories

Loading
SAP Shared Service Framework does not perform necessary authorization check for an authenticated... Moderate Unreviewed
CVE-2024-42376 was published Aug 13, 2024
In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on... Critical Unreviewed
CVE-2024-41730 was published Aug 13, 2024
Due to the missing authorization checks in the local systems, the admin users of SAP Web... Moderate Unreviewed
CVE-2024-33005 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability... Moderate Unreviewed
CVE-2024-37930 was published Aug 13, 2024
The Opal Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-7648 was published Aug 12, 2024
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is... Moderate Unreviewed
CVE-2024-7621 was published Aug 12, 2024
CometVisu Backend for openHAB has a sensitive information disclosure vulnerability Moderate
CVE-2024-42470 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p-
The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2024-6824 was published Aug 8, 2024
The Orchid Store theme for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-6987 was published Aug 8, 2024
The Falang multilanguage for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-6869 was published Aug 8, 2024
Jenkins does not perform a permission check in an HTTP endpoint Moderate
CVE-2024-43045 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
The Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed... Moderate Unreviewed
CVE-2024-6872 was published Aug 3, 2024
The Sync Post With Other Site plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-6709 was published Aug 3, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed
CVE-2024-7031 was published Aug 3, 2024
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,... High Unreviewed
CVE-2024-6698 was published Aug 1, 2024
The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-1715 was published Aug 1, 2024
XWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet Critical
CVE-2024-37901 was published for org.xwiki.platform:xwiki-platform-search-ui (Maven) Jul 31, 2024
XWiki Platform vulnerable to document deletion and overwrite from edit Moderate
CVE-2024-37898 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 31, 2024
The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing... Moderate Unreviewed
CVE-2024-7135 was published Jul 31, 2024
The WP Mobile Menu plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2024-2508 was published Jul 31, 2024
The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title... Moderate Unreviewed
CVE-2024-6458 was published Jul 27, 2024
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email... Moderate Unreviewed
CVE-2024-6591 was published Jul 27, 2024
The IgnitionDeck Crowdfunding Platform plugin for WordPress is vulnerable to Missing... Moderate Unreviewed
CVE-2024-4410 was published Jul 27, 2024
The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-1804 was published Jul 27, 2024
The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data... Moderate Unreviewed
CVE-2024-1798 was published Jul 27, 2024
ProTip! Advisories are also available from the GraphQL API