GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,597 advisories
Filter by severity
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web...
Moderate
Unreviewed
CVE-2023-45598
was published
Mar 5, 2024
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the...
Moderate
Unreviewed
CVE-2023-45596
was published
Mar 5, 2024
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing...
Critical
Unreviewed
CVE-2023-40309
was published
Sep 15, 2023
SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701,...
Moderate
Unreviewed
CVE-2023-37492
was published
Aug 8, 2023
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-9189
was published
Sep 28, 2024
In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which...
Moderate
Unreviewed
CVE-2024-9202
was published
Sep 27, 2024
Nomad Search API Leaks Information About CSI Plugins
Moderate
CVE-2023-3300
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
Nomad ACL Policies without Label are Applied to Unexpected Resources
Moderate
CVE-2023-3072
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress...
Moderate
Unreviewed
CVE-2024-8771
was published
Sep 26, 2024
The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-9025
was published
Sep 26, 2024
Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite.This issue affects Joy Of...
Moderate
Unreviewed
CVE-2024-47337
was published
Sep 26, 2024
Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share...
Moderate
Unreviewed
CVE-2024-47330
was published
Sep 26, 2024
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due...
Moderate
Unreviewed
CVE-2024-8552
was published
Sep 26, 2024
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8678
was published
Sep 25, 2024
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks...
Moderate
Unreviewed
CVE-2024-8658
was published
Sep 25, 2024
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-7491
was published
Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2024-8349
was published
Sep 25, 2024
The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8434
was published
Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a...
Low
Unreviewed
CVE-2024-8350
was published
Sep 25, 2024
The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular...
Moderate
Unreviewed
CVE-2024-6590
was published
Sep 25, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8437
was published
Sep 25, 2024
Synapse does not apply enough checks to servers requesting auth events of events in a room
High
CVE-2022-39335
was published
for
matrix-synapse
(pip)
May 24, 2023
The Appointment & Event Booking Calendar Plugin – Webba Booking plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-8432
was published
Sep 24, 2024
Permissions not properly checked in Invenio-Drafts-Resources
Moderate
CVE-2021-43781
was published
for
invenio-app-rdm
(pip)
Dec 6, 2021
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-4450
was published
Jun 19, 2024
ProTip!
Advisories are also available from the
GraphQL API