Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,910 advisories

Loading
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized... Critical Unreviewed
CVE-2024-10589 was published Nov 9, 2024
The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due... High Unreviewed
CVE-2024-10673 was published Nov 9, 2024
The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation... High Unreviewed
CVE-2024-10674 was published Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-10294 was published Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing... Moderate Unreviewed
CVE-2024-10588 was published Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing... Critical Unreviewed
CVE-2024-10586 was published Nov 9, 2024
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged... Moderate Unreviewed
CVE-2023-23344 was published Jun 23, 2023
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-7429 was published Nov 5, 2024
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2024-10824 was published Nov 8, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges Moderate
CVE-2024-43431 was published for moodle/moodle (Composer) Nov 7, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed
CVE-2024-10543 was published Nov 6, 2024
The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2024-10535 was published Nov 6, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is... Moderate Unreviewed
CVE-2024-6626 was published Nov 6, 2024
A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This... Moderate Unreviewed
CVE-2024-10598 was published Nov 1, 2024
Arbitrary file deletion in litellm High
CVE-2024-4888 was published for litellm (pip) Jun 6, 2024
In lunary-ai/lunary version 1.2.5, an improper access control vulnerability exists due to a... Moderate Unreviewed
CVE-2024-5248 was published Jun 6, 2024
Missing Authorization vulnerability in Popup Maker allows Accessing Functionality Not Properly... Moderate Unreviewed
CVE-2024-47358 was published Nov 1, 2024
Missing Authorization vulnerability in CubeWP CubeWP – All-in-One Dynamic Content Framework... Moderate Unreviewed
CVE-2024-48039 was published Nov 1, 2024
Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL – Free SSL Certificate for... Moderate Unreviewed
CVE-2024-44020 was published Nov 1, 2024
Missing Authorization vulnerability in WPManageNinja LLC Fluent Support allows Exploiting... Moderate Unreviewed
CVE-2024-47302 was published Nov 1, 2024
Missing Authorization vulnerability in Templately allows Accessing Functionality Not Properly... Moderate Unreviewed
CVE-2024-47308 was published Nov 1, 2024
Missing Authorization vulnerability in WP Quads Ads by WPQuads – Adsense Ads, Banner Ads, Popup... Moderate Unreviewed
CVE-2024-47317 was published Nov 1, 2024
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting... High Unreviewed
CVE-2024-47314 was published Nov 1, 2024
Missing Authorization vulnerability in Magazine3 PWA for WP & AMP allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2024-47318 was published Nov 1, 2024
Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows... Moderate Unreviewed
CVE-2024-47359 was published Nov 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database