GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,236

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

778 advisories

Filter by severity

Sort by

Least recently updated

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item... High Unreviewed

CVE-2024-21252 was published Oct 15, 2024

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed

CVE-2024-21215 was published Oct 15, 2024

In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud... High Unreviewed

CVE-2024-45732 was published Oct 14, 2024

Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-38179 was published Oct 8, 2024

** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage... High Unreviewed

CVE-2024-47790 was published Oct 4, 2024

The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-8548 was published Oct 1, 2024

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed

CVE-2024-8349 was published Sep 25, 2024

In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed

CVE-2024-40650 was published Sep 11, 2024

In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app... High Unreviewed

CVE-2024-40652 was published Sep 11, 2024

A missing authorization vulnerability allows a local low-privileged user on the machine to... High Unreviewed

CVE-2024-40709 was published Sep 7, 2024

A missing authorization vulnerability has been reported to affect several QNAP operating system... High Unreviewed

CVE-2023-39298 was published Sep 6, 2024

D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows... High Unreviewed

CVE-2024-44408 was published Sep 6, 2024

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized... High Unreviewed

CVE-2024-8480 was published Sep 6, 2024

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-8102 was published Sep 4, 2024

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions... High Unreviewed

CVE-2024-5784 was published Aug 30, 2024

The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of... High Unreviewed

CVE-2024-7258 was published Aug 23, 2024

Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not... High Unreviewed

CVE-2024-43247 was published Aug 19, 2024

Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows... High Unreviewed

CVE-2024-43256 was published Aug 19, 2024

Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the... High Unreviewed

CVE-2024-44069 was published Aug 19, 2024

Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing... High Unreviewed

CVE-2024-38699 was published Aug 13, 2024

Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality... High Unreviewed

CVE-2024-37935 was published Aug 13, 2024

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was... High Unreviewed

CVE-2024-6760 was published Aug 12, 2024

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed

CVE-2024-7031 was published Aug 3, 2024

The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,... High Unreviewed

CVE-2024-6698 was published Aug 1, 2024

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification,... High Unreviewed

CVE-2024-6750 was published Jul 24, 2024

Previous 1 2 3 4 5 6 7 … 31 32 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

778 advisories