GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,989 advisories
Filter by severity
Missing Authorization vulnerability in Leevio Happy Addons for Elementor allows Exploiting...
Moderate
Unreviewed
CVE-2024-48045
was published
Nov 1, 2024
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting...
High
Unreviewed
CVE-2024-47314
was published
Nov 1, 2024
Missing Authorization vulnerability in WPManageNinja LLC Fluent Support allows Exploiting...
Moderate
Unreviewed
CVE-2024-47302
was published
Nov 1, 2024
Missing Authorization vulnerability in Templately allows Accessing Functionality Not Properly...
Moderate
Unreviewed
CVE-2024-47308
was published
Nov 1, 2024
Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly...
High
Unreviewed
CVE-2024-43982
was published
Nov 1, 2024
Missing Authorization vulnerability in WPChill Strong Testimonials allows Exploiting Incorrectly...
Moderate
Unreviewed
CVE-2024-47362
was published
Nov 1, 2024
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-7429
was published
Nov 5, 2024
The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-10535
was published
Nov 6, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due...
Moderate
Unreviewed
CVE-2024-10543
was published
Nov 6, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6626
was published
Nov 6, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges
Moderate
CVE-2024-43431
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2024-10824
was published
Nov 8, 2024
sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin...
Critical
Unreviewed
CVE-2024-48073
was published
Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
Critical
Unreviewed
CVE-2024-10586
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-10294
was published
Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate
Unreviewed
CVE-2024-10588
was published
Nov 9, 2024
The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
High
Unreviewed
CVE-2024-10673
was published
Nov 9, 2024
The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation...
High
Unreviewed
CVE-2024-10674
was published
Nov 9, 2024
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized...
Critical
Unreviewed
CVE-2024-10589
was published
Nov 9, 2024
Cash Operations does not perform necessary authorization check for an authenticated user,...
Low
Unreviewed
CVE-2024-47587
was published
Nov 12, 2024
Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an...
Moderate
Unreviewed
CVE-2024-42372
was published
Nov 12, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data...
Moderate
Unreviewed
CVE-2024-10852
was published
Nov 13, 2024
The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
High
Unreviewed
CVE-2024-10629
was published
Nov 13, 2024
The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10717
was published
Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10854
was published
Nov 13, 2024
ProTip!
Advisories are also available from the
GraphQL API