Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,852 advisories

Loading
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to... Moderate Unreviewed
CVE-2024-20434 was published Sep 25, 2024
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow... Moderate Unreviewed
CVE-2024-20414 was published Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin... Moderate Unreviewed
CVE-2024-46485 was published Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via... Moderate Unreviewed
CVE-2024-46600 was published Sep 25, 2024
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS... Moderate Unreviewed
CVE-2024-43990 was published Sep 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress... Moderate Unreviewed
CVE-2024-43237 was published Sep 25, 2024
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8546 was published Sep 25, 2024
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8858 was published Sep 25, 2024
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-8678 was published Sep 25, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-8910 was published Sep 25, 2024
The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross... Moderate Unreviewed
CVE-2024-3866 was published Sep 25, 2024
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin... Moderate Unreviewed
CVE-2024-9169 was published Sep 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47303 was published Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-8516 was published Sep 25, 2024
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks... Moderate Unreviewed
CVE-2024-8658 was published Sep 25, 2024
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution ... Moderate Unreviewed
CVE-2024-8668 was published Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8515 was published Sep 25, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2024-7892 was published Sep 25, 2024
The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one... Moderate Unreviewed
CVE-2024-6845 was published Sep 25, 2024
The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2024-7878 was published Sep 25, 2024
The Material Design Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-9024 was published Sep 25, 2024
The OneElements – Best Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-9068 was published Sep 25, 2024
The Beam me up Scotty – Back to Top Button plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-8741 was published Sep 25, 2024
The Kodex Posts likes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed
CVE-2024-8713 was published Sep 25, 2024
The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-9027 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database