GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,681 advisories
Filter by severity
The RFC enabled function module allows a low privileged user to add URLs to any user's workplace...
Moderate
Unreviewed
CVE-2024-44115
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to read any user's workplace...
Moderate
Unreviewed
CVE-2024-42380
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to delete the workplace favourites...
Moderate
Unreviewed
CVE-2024-42371
was published
Sep 10, 2024
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing...
Low
Unreviewed
CVE-2024-8042
was published
Sep 9, 2024
A missing authorization vulnerability allows a local low-privileged user on the machine to...
High
Unreviewed
CVE-2024-40709
was published
Sep 7, 2024
A missing authorization vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2023-39298
was published
Sep 6, 2024
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows...
High
Unreviewed
CVE-2024-44408
was published
Sep 6, 2024
The Revision Manager TMC plugin for WordPress is vulnerable to unauthorized arbitrary email...
Moderate
Unreviewed
CVE-2024-7622
was published
Sep 6, 2024
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for...
Moderate
Unreviewed
CVE-2024-8427
was published
Sep 6, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-8480
was published
Sep 6, 2024
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due...
Moderate
Unreviewed
CVE-2024-7380
was published
Sep 5, 2024
The HelloAsso plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-7605
was published
Sep 5, 2024
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to...
Moderate
Unreviewed
CVE-2024-7381
was published
Sep 5, 2024
The Booking for Appointments and Events Calendar – Amelia Premium and Lite plugins for WordPress...
Moderate
Unreviewed
CVE-2024-6332
was published
Sep 5, 2024
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5309
was published
Sep 5, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress...
Critical
Unreviewed
CVE-2024-8289
was published
Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-8102
was published
Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8121
was published
Sep 4, 2024
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Critical
Unreviewed
CVE-2024-7950
was published
Sep 4, 2024
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin...
Moderate
Unreviewed
CVE-2024-5053
was published
Sep 1, 2024
LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability
Low
CVE-2023-23611
was published
for
lti-consumer-xblock
(pip)
Aug 30, 2024
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to...
Moderate
Unreviewed
CVE-2024-7858
was published
Aug 30, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions...
High
Unreviewed
CVE-2024-5784
was published
Aug 30, 2024
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing...
Moderate
Unreviewed
CVE-2024-43939
was published
Aug 29, 2024
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing...
Moderate
Unreviewed
CVE-2024-43940
was published
Aug 29, 2024
ProTip!
Advisories are also available from the
GraphQL API