GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
8,830 advisories
The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up...
Moderate | Unreviewed | CVE-2024-6547 was published Jul 27, 2024

The Add Admin JavaScript plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate | Unreviewed | CVE-2024-6548 was published Jul 27, 2024

The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate | Unreviewed | CVE-2024-6549 was published Jul 27, 2024

The Intelligence plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to...
Moderate | Unreviewed | CVE-2024-6573 was published Jul 27, 2024

The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate | Unreviewed | CVE-2024-6566 was published Jul 27, 2024

The One Click Close Comments plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate | Unreviewed | CVE-2024-6546 was published Jul 27, 2024

A flaw was found in the Openshift console. Several endpoints in the application use the...
Moderate | Unreviewed | CVE-2024-7128 was published Jul 26, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.0.5...
Moderate | Unreviewed | CVE-2024-7091 was published Jul 25, 2024

An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all...
Low | Unreviewed | CVE-2024-7060 was published Jul 25, 2024

An issue was discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.0.5,...
Moderate | Unreviewed | CVE-2024-5067 was published Jul 25, 2024

The Optimize Images ALT Text (alt tag) & names for SEO using AI plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-6571 was published Jul 24, 2024

Apache Pinot: Unauthorized endpoint exposed sensitive information
High | CVE-2024-39676 was published for org.apache.pinot:pinot-controller (Maven) Jul 24, 2024

The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Full Path...
Moderate | Unreviewed | CVE-2024-6553 was published Jul 24, 2024

Apache RocketMQ Vulnerable to Unauthorized Exposure of Sensitive Data
Moderate | CVE-2024-23321 was published for org.apache.rocketmq:rocketmq-all (Maven) Jul 22, 2024

The Addonify – Quick View For WooCommerce plugin for WordPress is vulnerable to Full Path...
Moderate | Unreviewed | CVE-2024-6560 was published Jul 20, 2024

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in...
Moderate | Unreviewed | CVE-2024-6455 was published Jul 18, 2024

A validated user not explicitly authorized to have access to certain sensitive information could...
High | Unreviewed | CVE-2023-40159 was published Jul 18, 2024

Sentry's Python SDK unintentionally exposes environment variables to subprocesses
Low | CVE-2024-40647 was published for sentry-sdk (pip) Jul 18, 2024

Gotenberg provides a developer-friendly API to interact with powerful tools like Chromium and...
High | Unreviewed | CVE-2024-40639 was published Jul 17, 2024

A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated,...
Moderate | Unreviewed | CVE-2024-20396 was published Jul 17, 2024

Sylius has a security vulnerability via adjustments API endpoint
High | CVE-2024-40633 was published for sylius/sylius (Composer) Jul 17, 2024

Silverstripe Reports are still accessible even when `canView()` returns false
Moderate | CVE-2024-29885 was published for silverstripe/reports (Composer) Jul 17, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2024-21147 was published Jul 17, 2024

Vulnerability in the Oracle Process Manufacturing Financials product of Oracle E-Business Suite ...
High | Unreviewed | CVE-2024-21152 was published Jul 17, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Moderate | Unreviewed | CVE-2024-21140 was published Jul 17, 2024

ProTip! Advisories are also available from the GraphQL API.