Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,999 advisories

Loading
moodle: Some users can delete audiences of other reports Moderate
CVE-2024-48898 was published for moodle/moodle (Composer) Nov 18, 2024
In Bitcoin Core before 25.0, a peer can affect the download state of other peers by sending a... Moderate Unreviewed
CVE-2024-52921 was published Nov 18, 2024
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2024-10614 was published Nov 16, 2024
The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to... Moderate Unreviewed
CVE-2024-11085 was published Nov 16, 2024
The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a... Moderate Unreviewed
CVE-2024-10533 was published Nov 16, 2024
The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-10786 was published Nov 16, 2024
The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is... Moderate Unreviewed
CVE-2024-10861 was published Nov 16, 2024
Improper Access Control in janeczku/calibre-web Moderate
CVE-2021-3987 was published for calibreweb (pip) Nov 15, 2024
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-10582 was published Nov 15, 2024
The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin... Moderate Unreviewed
CVE-2024-10897 was published Nov 15, 2024
Missing permission check in Jenkins Script Security Plugin Moderate
CVE-2024-52549 was published for org.jenkins-ci.plugins:script-security (Maven) Nov 13, 2024
In multiple locations, there is a possible cross-user image read due to a missing permission... Moderate Unreviewed
CVE-2024-43090 was published Nov 13, 2024
A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an... Moderate Unreviewed
CVE-2024-8001 was published Nov 13, 2024
The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2024-10802 was published Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-10531 was published Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-10529 was published Nov 13, 2024
The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to... Moderate Unreviewed
CVE-2024-9578 was published Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-10530 was published Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-10854 was published Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-10853 was published Nov 13, 2024
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data... Moderate Unreviewed
CVE-2024-10852 was published Nov 13, 2024
The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-10717 was published Nov 13, 2024
Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an... Moderate Unreviewed
CVE-2024-42372 was published Nov 12, 2024
The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing... Moderate Unreviewed
CVE-2024-10588 was published Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-10294 was published Nov 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database