Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

723 advisories

Loading
A missing authorization vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2023-39298 was published Sep 6, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2024-8480 was published Sep 6, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of... High Unreviewed
CVE-2024-28215 was published Mar 7, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-8102 was published Sep 4, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions... High Unreviewed
CVE-2024-5784 was published Aug 30, 2024
Missing access permissions checks in M-Files Client before 23.5.12598.0 allows elevation of... High Unreviewed
CVE-2023-2480 was published May 25, 2023
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of... High Unreviewed
CVE-2024-7258 was published Aug 23, 2024
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible... High Unreviewed
CVE-2024-0038 was published Feb 16, 2024
Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not... High Unreviewed
CVE-2024-43247 was published Aug 19, 2024
Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows... High Unreviewed
CVE-2024-43256 was published Aug 19, 2024
Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing... High Unreviewed
CVE-2024-38699 was published Aug 13, 2024
Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality... High Unreviewed
CVE-2024-37935 was published Aug 13, 2024
The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and... High Unreviewed
CVE-2024-2544 was published Jun 15, 2024
A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers... High Unreviewed
CVE-2023-49980 was published Mar 21, 2024
Snipe-IT allows users to promote or demote themselves or other users High
CVE-2024-5685 was published for snipe/snipe-it (Composer) Jun 14, 2024
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for... High Unreviewed
CVE-2023-6696 was published Jun 15, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed
CVE-2024-7031 was published Aug 3, 2024
Authorization bypass in Quarkus High
CVE-2023-6394 was published for io.quarkus:quarkus-smallrye-graphql-client (Maven) Dec 9, 2023
cescoffier
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,... High Unreviewed
CVE-2024-6698 was published Aug 1, 2024
A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of... High Unreviewed
CVE-2024-39546 was published Jul 11, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification,... High Unreviewed
CVE-2024-6750 was published Jul 24, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File... High Unreviewed
CVE-2024-6805 was published Jul 22, 2024
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for... High Unreviewed
CVE-2024-6660 was published Jul 17, 2024
The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data,... High Unreviewed
CVE-2023-6966 was published Jun 6, 2024
Windows Text Services Framework Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21417 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database