GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,579 advisories
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5861 was published Jul 24, 2024
The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create...
Moderate
Unreviewed
CVE-2024-6836 was published Jul 24, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data to...
Moderate
Unreviewed
CVE-2024-6754 was published Jul 24, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification,...
High
Unreviewed
CVE-2024-6750 was published Jul 24, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss...
Moderate
Unreviewed
CVE-2024-6755 was published Jul 24, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access Project...
Critical
Unreviewed
CVE-2024-6806 was published Jul 22, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File...
High
Unreviewed
CVE-2024-6805 was published Jul 22, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthorized modification of...
Critical
Unreviewed
CVE-2024-6636 was published Jul 20, 2024
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-6489 was published Jul 20, 2024
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-6491 was published Jul 20, 2024
The YITH Essential Kit for WooCommerce #1 plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-6799 was published Jul 19, 2024
The Duplica – Duplicate Posts, Pages, Custom Posts or Users plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-5997 was published Jul 19, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress...
Moderate
Unreviewed
CVE-2024-5703 was published Jul 17, 2024
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6033 was published Jul 17, 2024
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for...
High
Unreviewed
CVE-2024-6660 was published Jul 17, 2024
Missing Authorization vulnerability in Tobias Conrad Get Better Reviews for WooCommerce. This...
Moderate
Unreviewed
CVE-2024-37544 was published Jul 12, 2024
Missing Authorization vulnerability in BinaryCarpenter Ultimate Custom Add To Cart Button (Ajax)...
Moderate
Unreviewed
CVE-2024-37202 was published Jul 12, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-6392 was published Jul 12, 2024
A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of...
High
Unreviewed
CVE-2024-39546 was published Jul 11, 2024
The Payflex Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-0619 was published Jul 11, 2024
Windows Text Services Framework Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-21417 was published Jul 10, 2024
SAP CRM WebClient does not perform necessary authorization check for an authenticated user,...
Moderate
Unreviewed
CVE-2024-37175 was published Jul 9, 2024
SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check...
Moderate
Unreviewed
CVE-2024-37172 was published Jul 9, 2024
Due to missing authorization checks, SAP Enable Now allows an author to escalate privileges to...
Moderate
Unreviewed
CVE-2024-39596 was published Jul 9, 2024
Elements of PDCE does not perform necessary authorization checks for an authenticated user,...
High
Unreviewed
CVE-2024-39592 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API.