Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,597 advisories

Loading
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web... Moderate Unreviewed
CVE-2023-45598 was published Mar 5, 2024
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the... Moderate Unreviewed
CVE-2023-45596 was published Mar 5, 2024
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing... Critical Unreviewed
CVE-2023-40309 was published Sep 15, 2023
SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701,... Moderate Unreviewed
CVE-2023-37492 was published Aug 8, 2023
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-9189 was published Sep 28, 2024
In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which... Moderate Unreviewed
CVE-2024-9202 was published Sep 27, 2024
Nomad Search API Leaks Information About CSI Plugins Moderate
CVE-2023-3300 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Nomad ACL Policies without Label are Applied to Unexpected Resources Moderate
CVE-2023-3072 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Moderate Unreviewed
CVE-2024-8771 was published Sep 26, 2024
The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-9025 was published Sep 26, 2024
Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite.This issue affects Joy Of... Moderate Unreviewed
CVE-2024-47337 was published Sep 26, 2024
Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share... Moderate Unreviewed
CVE-2024-47330 was published Sep 26, 2024
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2024-8552 was published Sep 26, 2024
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-8678 was published Sep 25, 2024
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks... Moderate Unreviewed
CVE-2024-8658 was published Sep 25, 2024
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-7491 was published Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2024-8349 was published Sep 25, 2024
The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8434 was published Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a... Low Unreviewed
CVE-2024-8350 was published Sep 25, 2024
The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular... Moderate Unreviewed
CVE-2024-6590 was published Sep 25, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-8437 was published Sep 25, 2024
Synapse does not apply enough checks to servers requesting auth events of events in a room High
CVE-2022-39335 was published for matrix-synapse (pip) May 24, 2023
The Appointment & Event Booking Calendar Plugin – Webba Booking plugin for WordPress is... Moderate Unreviewed
CVE-2024-8432 was published Sep 24, 2024
Permissions not properly checked in Invenio-Drafts-Resources Moderate
CVE-2021-43781 was published for invenio-app-rdm (pip) Dec 6, 2021
lnielsen
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-4450 was published Jun 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database