Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

659 advisories

Loading
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app... High Unreviewed
CVE-2024-40652 was published Sep 11, 2024
A missing authorization vulnerability allows a local low-privileged user on the machine to... High Unreviewed
CVE-2024-40709 was published Sep 7, 2024
A missing authorization vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2023-39298 was published Sep 6, 2024
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows... High Unreviewed
CVE-2024-44408 was published Sep 6, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2024-8480 was published Sep 6, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-8102 was published Sep 4, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions... High Unreviewed
CVE-2024-5784 was published Aug 30, 2024
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of... High Unreviewed
CVE-2024-7258 was published Aug 23, 2024
Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows... High Unreviewed
CVE-2024-43256 was published Aug 19, 2024
Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not... High Unreviewed
CVE-2024-43247 was published Aug 19, 2024
Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing... High Unreviewed
CVE-2024-38699 was published Aug 13, 2024
Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality... High Unreviewed
CVE-2024-37935 was published Aug 13, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed
CVE-2024-7031 was published Aug 3, 2024
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,... High Unreviewed
CVE-2024-6698 was published Aug 1, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification,... High Unreviewed
CVE-2024-6750 was published Jul 24, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File... High Unreviewed
CVE-2024-6805 was published Jul 22, 2024
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for... High Unreviewed
CVE-2024-6660 was published Jul 17, 2024
A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of... High Unreviewed
CVE-2024-39546 was published Jul 11, 2024
Windows Text Services Framework Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21417 was published Jul 10, 2024
Elements of PDCE does not perform necessary authorization checks for an authenticated user,... High Unreviewed
CVE-2024-39592 was published Jul 9, 2024
Missing Authorization in stitionai/devika High Unreviewed
CVE-2024-5820 was published Jun 27, 2024
Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects... High Unreviewed
CVE-2024-37111 was published Jun 24, 2024
Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n... High Unreviewed
CVE-2022-43453 was published Jun 21, 2024
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider... High Unreviewed
CVE-2024-34444 was published Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n... High Unreviewed
CVE-2023-36515 was published Jun 19, 2024
ProTip! Advisories are also available from the GraphQL API