Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

113,773 advisories

Loading
The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3665 was published Apr 23, 2024
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3491 was published Apr 23, 2024
The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for... Moderate Unreviewed
CVE-2024-3732 was published Apr 23, 2024
The Quick Featured Images plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-3664 was published Apr 23, 2024
The Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One... Moderate Unreviewed
CVE-2024-0900 was published Apr 23, 2024
A key used in logging.json does not follow the least privilege principle by default and is... Moderate Unreviewed
CVE-2024-3185 was published Apr 23, 2024
Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local... Moderate Unreviewed
CVE-2024-4031 was published Apr 23, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3889 was published Apr 23, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-2798 was published Apr 23, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-2799 was published Apr 23, 2024
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center... Moderate Unreviewed
CVE-2023-6833 was published Apr 23, 2024
Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the... Moderate Unreviewed
CVE-2024-1241 was published Apr 23, 2024
GitBook allows Cross-site Scripting via a local .md file. Moderate
CVE-2019-19596 was published for gitbook (npm) May 24, 2022
CKEditor 4 ReDoS Vulnerability Moderate
CVE-2021-26271 was published for ckeditor4-dev (npm) May 24, 2022
Shiba vulnerable to XSS leading to code execution Moderate
CVE-2017-1000491 was published for shiba (npm) May 14, 2022
Keycloak discloses information without authentication Moderate
CVE-2020-27838 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
Keycloak leaks sensitive information in logged exceptions Moderate
CVE-2020-1698 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
Tryton Information Disclosure Vulnerability Moderate
CVE-2017-0360 was published for trytond (pip) May 13, 2022
snapcraft Access Restriction Bypass Moderate
CVE-2020-27348 was published for snapcraft (pip) May 24, 2022
Plone Cross-site Scripting Vulnerability Moderate
CVE-2015-7316 was published for plone (pip) May 17, 2022
Plone XSS in Zope ZMI Moderate
CVE-2016-7147 was published for plone (pip) May 17, 2022
Plone XSS in User Fullname Property and File Upload Moderate
CVE-2021-3313 was published for plone (pip) May 24, 2022
Plone XSS Vulnerability Moderate
CVE-2021-29002 was published for plone (pip) May 24, 2022
OctoPrint Incorrect Access Control Moderate
CVE-2021-32560 was published for octoprint (pip) May 24, 2022
GNU Mailman Postorius Access Control Issues Moderate
CVE-2021-40347 was published for postorius (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database