GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,852 advisories
Filter by severity
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to...
Moderate
Unreviewed
CVE-2024-20434
was published
Sep 25, 2024
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow...
Moderate
Unreviewed
CVE-2024-20414
was published
Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin...
Moderate
Unreviewed
CVE-2024-46485
was published
Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...
Moderate
Unreviewed
CVE-2024-46600
was published
Sep 25, 2024
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS...
Moderate
Unreviewed
CVE-2024-43990
was published
Sep 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress...
Moderate
Unreviewed
CVE-2024-43237
was published
Sep 25, 2024
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8546
was published
Sep 25, 2024
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8858
was published
Sep 25, 2024
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8678
was published
Sep 25, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8910
was published
Sep 25, 2024
The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross...
Moderate
Unreviewed
CVE-2024-3866
was published
Sep 25, 2024
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin...
Moderate
Unreviewed
CVE-2024-9169
was published
Sep 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-47303
was published
Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-8516
was published
Sep 25, 2024
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks...
Moderate
Unreviewed
CVE-2024-8658
was published
Sep 25, 2024
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution ...
Moderate
Unreviewed
CVE-2024-8668
was published
Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8515
was published
Sep 25, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-7892
was published
Sep 25, 2024
The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one...
Moderate
Unreviewed
CVE-2024-6845
was published
Sep 25, 2024
The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-7878
was published
Sep 25, 2024
The Material Design Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-9024
was published
Sep 25, 2024
The OneElements – Best Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9068
was published
Sep 25, 2024
The Beam me up Scotty – Back to Top Button plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-8741
was published
Sep 25, 2024
The Kodex Posts likes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8713
was published
Sep 25, 2024
The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-9027
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API