GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,272
Erlang: 31
GitHub Actions: 21
Go: 2,047
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
706 advisories
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2024-21215 was published Oct 15, 2024
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud...
High
Unreviewed
CVE-2024-45732 was published Oct 14, 2024
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38179 was published Oct 8, 2024
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage...
High
Unreviewed
CVE-2024-47790 was published Oct 4, 2024
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-8548 was published Oct 1, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2024-8349 was published Sep 25, 2024
In wifi_item_edit_content of styles.xml, there is a possible FRP bypass due to Missing check for...
High
Unreviewed
CVE-2024-40650 was published Sep 11, 2024
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app...
High
Unreviewed
CVE-2024-40652 was published Sep 11, 2024
A missing authorization vulnerability allows a local low-privileged user on the machine to...
High
Unreviewed
CVE-2024-40709 was published Sep 7, 2024
A missing authorization vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2023-39298 was published Sep 6, 2024
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows...
High
Unreviewed
CVE-2024-44408 was published Sep 6, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-8480 was published Sep 6, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-8102 was published Sep 4, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions...
High
Unreviewed
CVE-2024-5784 was published Aug 30, 2024
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of...
High
Unreviewed
CVE-2024-7258 was published Aug 23, 2024
Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not...
High
Unreviewed
CVE-2024-43247 was published Aug 19, 2024
Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows...
High
Unreviewed
CVE-2024-43256 was published Aug 19, 2024
Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the...
High
Unreviewed
CVE-2024-44069 was published Aug 19, 2024
Missing Authorization vulnerability in WP Swings Wallet System for WooCommerce allows Accessing...
High
Unreviewed
CVE-2024-38699 was published Aug 13, 2024
Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality...
High
Unreviewed
CVE-2024-37935 was published Aug 13, 2024
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was...
High
Unreviewed
CVE-2024-6760 was published Aug 12, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification...
High
Unreviewed
CVE-2024-7031 was published Aug 3, 2024
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
High
Unreviewed
CVE-2024-6698 was published Aug 1, 2024
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification,...
High
Unreviewed
CVE-2024-6750 was published Jul 24, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File...
High
Unreviewed
CVE-2024-6805 was published Jul 22, 2024
ProTip! Advisories are also available from the GraphQL API