GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
238,504 advisories
Filter by severity
The WP Category Dropdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8103
was published
Sep 25, 2024
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an...
Critical
Unreviewed
CVE-2024-8878
was published
Sep 25, 2024
The AnWP Football Leagues plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8917
was published
Sep 25, 2024
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello...
Moderate
Unreviewed
CVE-2024-8877
was published
Sep 25, 2024
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat...
High
Unreviewed
CVE-2024-8941
was published
Sep 25, 2024
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for...
Moderate
Unreviewed
CVE-2024-7426
was published
Sep 25, 2024
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting (XSS), due to...
Moderate
Unreviewed
CVE-2024-8942
was published
Sep 25, 2024
The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order'...
High
Unreviewed
CVE-2024-8484
was published
Sep 25, 2024
The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2024-7617
was published
Sep 25, 2024
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions...
Moderate
Unreviewed
CVE-2024-8483
was published
Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a...
Low
Unreviewed
CVE-2024-8350
was published
Sep 25, 2024
The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-8476
was published
Sep 25, 2024
The REST API TO MiniProgram plugin for WordPress is vulnerable to privilege escalation via...
Critical
Unreviewed
CVE-2024-8485
was published
Sep 25, 2024
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-7491
was published
Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2024-8349
was published
Sep 25, 2024
The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
High
Unreviewed
CVE-2024-8481
was published
Sep 25, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8437
was published
Sep 25, 2024
The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-8801
was published
Sep 25, 2024
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9123
was published
Sep 25, 2024
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read...
High
Unreviewed
CVE-2024-8497
was published
Sep 25, 2024
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to...
Critical
Unreviewed
CVE-2024-46612
was published
Sep 25, 2024
In versions of Helix Core prior to 2024.1 Patch 2 (2024.1/2655224) a Windows ANSI API Unicode ...
Moderate
Unreviewed
CVE-2024-8067
was published
Sep 25, 2024
Cross-Site Scripting (XSS) vulnerability in the Oct8ne system. This flaw could allow an attacker...
Moderate
Unreviewed
CVE-2024-9141
was published
Sep 25, 2024
The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8434
was published
Sep 25, 2024
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering...
High
Unreviewed
CVE-2024-46607
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API