GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
706 advisories
Filter by severity
Missing Authorization vulnerability in MultiVendorX WC Marketplace allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-51355
was published
Dec 9, 2024
Missing Authorization vulnerability in Metagauss User Registration Forms RegistrationMagic allows...
High
Unreviewed
CVE-2023-49831
was published
Dec 9, 2024
Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows...
High
Unreviewed
CVE-2023-49817
was published
Dec 9, 2024
Missing Authorization vulnerability in RedNao Smart Forms allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-49856
was published
Dec 9, 2024
Missing Authorization vulnerability in Tips and Tricks HQ, wptipsntricks Stripe Payments allows...
High
Unreviewed
CVE-2023-48286
was published
Dec 9, 2024
Missing Authorization vulnerability in Fullworks Quick Paypal Payments allows Exploiting...
High
Unreviewed
CVE-2023-25714
was published
Dec 9, 2024
Missing Authorization vulnerability in Artisan Workshop Japanized For WooCommerce allows...
High
Unreviewed
CVE-2023-47698
was published
Dec 9, 2024
Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-22701
was published
Dec 9, 2024
WeGIA 3.2.0 before 3998672 does not verify permission to change a password.
High
Unreviewed
CVE-2024-53473
was published
Dec 8, 2024
Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly...
High
Unreviewed
CVE-2024-53805
was published
Dec 6, 2024
The AI Quiz | Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data...
High
Unreviewed
CVE-2024-11323
was published
Dec 6, 2024
The Accessibility by AllAccessible plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-11643
was published
Dec 4, 2024
The TI WooCommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of...
High
Unreviewed
CVE-2024-10567
was published
Dec 4, 2024
A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify...
High
Unreviewed
CVE-2024-42453
was published
Dec 4, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53938
was published
Dec 3, 2024
Incorrect access control in the component content://com.handcent.messaging.provider...
High
Unreviewed
CVE-2024-53605
was published
Dec 2, 2024
In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a...
High
Unreviewed
CVE-2017-13316
was published
Nov 27, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5...
High
Unreviewed
CVE-2024-8114
was published
Nov 26, 2024
The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to...
High
Unreviewed
CVE-2024-8272
was published
Nov 25, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9941
was published
Nov 23, 2024
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an...
High
Unreviewed
CVE-2024-0122
was published
Nov 23, 2024
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post...
High
Unreviewed
CVE-2024-11104
was published
Nov 22, 2024
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post...
High
Unreviewed
CVE-2024-11601
was published
Nov 22, 2024
In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut...
High
Unreviewed
CVE-2018-9469
was published
Nov 20, 2024
In the development options section of the Settings app, there is a possible authentication bypass...
High
Unreviewed
CVE-2018-9477
was published
Nov 20, 2024
ProTip!
Advisories are also available from the
GraphQL API