Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,000 advisories

Loading
Missing Authorization vulnerability in Harmonic Design HD Quiz – Save Results Light allows... Moderate Unreviewed
CVE-2024-49689 was published Nov 19, 2024
Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2024-49680 was published Nov 19, 2024
Missing Authorization vulnerability in BoldThemes Bold Page Builder allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2024-50417 was published Nov 19, 2024
Missing Authorization vulnerability in CodeZel Combo WP Rewrite Slugs allows Exploiting... Moderate Unreviewed
CVE-2024-51817 was published Nov 19, 2024
Missing Authorization vulnerability in QunatumCloud Floating Buttons for WooCommerce allows... Moderate Unreviewed
CVE-2024-52395 was published Nov 19, 2024
Improper Access Control in janeczku/calibre-web Moderate
CVE-2021-3987 was published for calibreweb (pip) Nov 15, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10900 was published Nov 20, 2024
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-10665 was published Nov 20, 2024
The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-10520 was published Nov 20, 2024
The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin... Moderate Unreviewed
CVE-2024-11154 was published Nov 20, 2024
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions... Moderate Unreviewed
CVE-2024-5331 was published Aug 1, 2024
The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11355 was published Nov 22, 2024
The WPDash Notes plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2024-9223 was published Nov 23, 2024
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10216 was published Nov 23, 2024
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10537 was published Nov 23, 2024
The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is... Moderate Unreviewed
CVE-2024-10813 was published Nov 23, 2024
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... Moderate Unreviewed
CVE-2024-10606 was published Nov 23, 2024
A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a... Moderate Unreviewed
CVE-2024-9671 was published Oct 9, 2024
An issue was discovered in Zammad before 6.3.0. An authenticated agent could perform a remote... Moderate Unreviewed
CVE-2024-33667 was published Apr 26, 2024
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges Moderate
CVE-2024-52529 was published for github.com/cilium/cilium (Go) Nov 25, 2024
Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization... Moderate Unreviewed
CVE-2024-49596 was published Nov 26, 2024
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-10579 was published Nov 26, 2024
The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11354 was published Nov 26, 2024
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2024-11334 was published Nov 26, 2024
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-10580 was published Nov 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database