GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,581 advisories
SAP Document Builder does not perform necessary authorization checks for one of the function...
Moderate | Unreviewed | CVE-2024-39591 was published Aug 13, 2024

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on...
Critical | Unreviewed | CVE-2024-41730 was published Aug 13, 2024

Due to the missing authorization checks in the local systems, the admin users of SAP Web...
Moderate | Unreviewed | CVE-2024-33005 was published Aug 13, 2024

Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability...
Moderate | Unreviewed | CVE-2024-37930 was published Aug 13, 2024

The Opal Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate | Unreviewed | CVE-2024-7648 was published Aug 12, 2024

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-7621 was published Aug 12, 2024

CometVisu Backend for openHAB has a sensitive information disclosure vulnerability
Moderate | CVE-2024-42470 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024

The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification...
Moderate | Unreviewed | CVE-2024-6824 was published Aug 8, 2024

The Orchid Store theme for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate | Unreviewed | CVE-2024-6987 was published Aug 8, 2024

The Falang multilanguage for WordPress plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-6869 was published Aug 8, 2024

Jenkins does not perform a permission check in an HTTP endpoint
Moderate | CVE-2024-43045 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024

The Sync Post With Other Site plugin for WordPress is vulnerable to unauthorized modification of...
Moderate | Unreviewed | CVE-2024-6709 was published Aug 3, 2024

The Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed...
Moderate | Unreviewed | CVE-2024-6872 was published Aug 3, 2024

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification...
High | Unreviewed | CVE-2024-7031 was published Aug 3, 2024

The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
High | Unreviewed | CVE-2024-6698 was published Aug 1, 2024

The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-1715 was published Aug 1, 2024

XWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
Critical | CVE-2024-37901 was published for org.xwiki.platform:xwiki-platform-search-ui (Maven) Jul 31, 2024

XWiki Platform vulnerable to document deletion and overwrite from edit
Moderate | CVE-2024-37898 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 31, 2024

The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate | Unreviewed | CVE-2024-7135 was published Jul 31, 2024

The WP Mobile Menu plugin for WordPress is vulnerable to unauthorized modification of data due to...
Moderate | Unreviewed | CVE-2024-2508 was published Jul 31, 2024

The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title...
Moderate | Unreviewed | CVE-2024-6458 was published Jul 27, 2024

The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email...
Moderate | Unreviewed | CVE-2024-6591 was published Jul 27, 2024

The IgnitionDeck Crowdfunding Platform plugin for WordPress is vulnerable to Missing...
Moderate | Unreviewed | CVE-2024-4410 was published Jul 27, 2024

The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of...
Moderate | Unreviewed | CVE-2024-1804 was published Jul 27, 2024

The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data...
Moderate | Unreviewed | CVE-2024-1798 was published Jul 27, 2024

ProTip! Advisories are also available from the GraphQL API