GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,581 advisories
Filter by severity
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred...
Critical
Unreviewed
CVE-2024-45168
was published
Aug 22, 2024
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data...
Moderate
Unreviewed
CVE-2024-7032
was published
Aug 21, 2024
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-7030
was published
Aug 21, 2024
The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate
Unreviewed
CVE-2024-7390
was published
Aug 21, 2024
The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6883
was published
Aug 21, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-5940
was published
Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-5939
was published
Aug 20, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-5941
was published
Aug 20, 2024
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
Critical
CVE-2024-43401
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Aug 19, 2024
Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing...
Moderate
Unreviewed
CVE-2024-43326
was published
Aug 19, 2024
Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not...
High
Unreviewed
CVE-2024-43247
was published
Aug 19, 2024
Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows...
High
Unreviewed
CVE-2024-43256
was published
Aug 19, 2024
Missing Authorization vulnerability in Automattic Sensei LMS, Automattic Sensei Pro (WC Paid...
Moderate
Unreviewed
CVE-2024-35686
was published
Aug 19, 2024
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2023-4027
was published
Aug 17, 2024
The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2023-4730
was published
Aug 17, 2024
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2023-4024
was published
Aug 17, 2024
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2023-4025
was published
Aug 17, 2024
The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-6500
was published
Aug 17, 2024
Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing...
High
Unreviewed
CVE-2024-38699
was published
Aug 13, 2024
Missing Authorization vulnerability in Igor Benić Recipe Maker For Your Food Blog from Zip...
Moderate
Unreviewed
CVE-2024-38688
was published
Aug 13, 2024
Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality...
High
Unreviewed
CVE-2024-37935
was published
Aug 13, 2024
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for...
Moderate
Unreviewed
CVE-2024-42373
was published
Aug 13, 2024
SAP Document Builder does not perform necessary authorization checks for one of the function...
Moderate
Unreviewed
CVE-2024-39591
was published
Aug 13, 2024
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an...
Moderate
Unreviewed
CVE-2024-41734
was published
Aug 13, 2024
SAP shared service framework allows an
authenticated non-administrative user to call a remote...
Moderate
Unreviewed
CVE-2024-42377
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API