GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113,773 advisories
Filter by severity
The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-3665
was published
Apr 23, 2024
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-3491
was published
Apr 23, 2024
The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for...
Moderate
Unreviewed
CVE-2024-3732
was published
Apr 23, 2024
The Quick Featured Images plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate
Unreviewed
CVE-2024-3664
was published
Apr 23, 2024
The Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One...
Moderate
Unreviewed
CVE-2024-0900
was published
Apr 23, 2024
A key used in logging.json does not follow the least privilege principle by default and is...
Moderate
Unreviewed
CVE-2024-3185
was published
Apr 23, 2024
Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local...
Moderate
Unreviewed
CVE-2024-4031
was published
Apr 23, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-3889
was published
Apr 23, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-2798
was published
Apr 23, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-2799
was published
Apr 23, 2024
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center...
Moderate
Unreviewed
CVE-2023-6833
was published
Apr 23, 2024
Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the...
Moderate
Unreviewed
CVE-2024-1241
was published
Apr 23, 2024
GitBook allows Cross-site Scripting via a local .md file.
Moderate
CVE-2019-19596
was published
for
gitbook
(npm)
May 24, 2022
CKEditor 4 ReDoS Vulnerability
Moderate
CVE-2021-26271
was published
for
ckeditor4-dev
(npm)
May 24, 2022
Shiba vulnerable to XSS leading to code execution
Moderate
CVE-2017-1000491
was published
for
shiba
(npm)
May 14, 2022
Keycloak discloses information without authentication
Moderate
CVE-2020-27838
was published
for
org.keycloak:keycloak-core
(Maven)
May 24, 2022
Keycloak leaks sensitive information in logged exceptions
Moderate
CVE-2020-1698
was published
for
org.keycloak:keycloak-core
(Maven)
May 24, 2022
Tryton Information Disclosure Vulnerability
Moderate
CVE-2017-0360
was published
for
trytond
(pip)
May 13, 2022
snapcraft Access Restriction Bypass
Moderate
CVE-2020-27348
was published
for
snapcraft
(pip)
May 24, 2022
Plone Cross-site Scripting Vulnerability
Moderate
CVE-2015-7316
was published
for
plone
(pip)
May 17, 2022
Plone XSS in User Fullname Property and File Upload
Moderate
CVE-2021-3313
was published
for
plone
(pip)
May 24, 2022
OctoPrint Incorrect Access Control
Moderate
CVE-2021-32560
was published
for
octoprint
(pip)
May 24, 2022
GNU Mailman Postorius Access Control Issues
Moderate
CVE-2021-40347
was published
for
postorius
(pip)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API