Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,910 advisories

Loading
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks... Moderate Unreviewed
CVE-2024-8658 was published Sep 25, 2024
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-8678 was published Sep 25, 2024
Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share... Moderate Unreviewed
CVE-2024-47330 was published Sep 26, 2024
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2024-8552 was published Sep 26, 2024
Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite.This issue affects Joy Of... Moderate Unreviewed
CVE-2024-47337 was published Sep 26, 2024
The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-9025 was published Sep 26, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Moderate Unreviewed
CVE-2024-8771 was published Sep 26, 2024
Nomad ACL Policies without Label are Applied to Unexpected Resources Moderate
CVE-2023-3072 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Nomad Search API Leaks Information About CSI Plugins Moderate
CVE-2023-3300 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which... Moderate Unreviewed
CVE-2024-9202 was published Sep 27, 2024
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-9189 was published Sep 28, 2024
SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701,... Moderate Unreviewed
CVE-2023-37492 was published Aug 8, 2023
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing... Critical Unreviewed
CVE-2023-40309 was published Sep 15, 2023
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the... Moderate Unreviewed
CVE-2023-45596 was published Mar 5, 2024
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web... Moderate Unreviewed
CVE-2023-45598 was published Mar 5, 2024
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8632 was published Oct 1, 2024
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-8548 was published Oct 1, 2024
The Spice Starter Sites plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-8430 was published Oct 1, 2024
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-8675 was published Oct 1, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been... Moderate Unreviewed
CVE-2024-9297 was published Sep 28, 2024
MoinMoin improper access control on the included page for the rst parser Moderate
CVE-2008-6548 was published for moin (pip) May 17, 2022
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low... Moderate Unreviewed
CVE-2024-20477 was published Oct 2, 2024
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated,... Moderate Unreviewed
CVE-2024-20442 was published Oct 2, 2024
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update... Moderate Unreviewed
CVE-2023-3426 was published Aug 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5,... Moderate Unreviewed
CVE-2023-4630 was published Sep 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database