GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
108,365 advisories
Filter by severity
A script injection vulnerability was found in the Debezium database connector, where it does not...
Moderate
Unreviewed
CVE-2023-1419
was published
Nov 17, 2024
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's...
Moderate
Unreviewed
CVE-2023-6110
was published
Nov 17, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Moderate
Unreviewed
CVE-2024-52386
was published
Nov 17, 2024
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-10592
was published
Nov 16, 2024
The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-11094
was published
Nov 16, 2024
The Exclusive Divi – Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9386
was published
Nov 16, 2024
The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use...
Moderate
Unreviewed
CVE-2024-9615
was published
Nov 16, 2024
The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate
Unreviewed
CVE-2024-9850
was published
Nov 16, 2024
The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-8873
was published
Nov 16, 2024
The Bounce Handler MailPoet 3 plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-9938
was published
Nov 16, 2024
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access...
Moderate
Unreviewed
CVE-2024-10614
was published
Nov 16, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6628
was published
Nov 16, 2024
The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-10017
was published
Nov 16, 2024
The Steel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn...
Moderate
Unreviewed
CVE-2024-10147
was published
Nov 16, 2024
The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-10015
was published
Nov 16, 2024
The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-10884
was published
Nov 16, 2024
The SimpleForm – Contact form made simple plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-10883
was published
Nov 16, 2024
The Gallery Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-10875
was published
Nov 16, 2024
The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-11118
was published
Nov 16, 2024
The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to...
Moderate
Unreviewed
CVE-2024-11085
was published
Nov 16, 2024
The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG...
Moderate
Unreviewed
CVE-2024-11092
was published
Nov 16, 2024
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
Moderate
Unreviewed
CVE-2024-10262
was published
Nov 16, 2024
The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a...
Moderate
Unreviewed
CVE-2024-10533
was published
Nov 16, 2024
The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate
Unreviewed
CVE-2024-10795
was published
Nov 16, 2024
The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-10786
was published
Nov 16, 2024
ProTip!
Advisories are also available from the
GraphQL API