GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,404

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

108,363 advisories

Filter by severity

Sort by

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Moderate Unreviewed

CVE-2024-52386 was published Nov 17, 2024

The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-10592 was published Nov 16, 2024

The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2024-11094 was published Nov 16, 2024

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed

CVE-2024-10614 was published Nov 16, 2024

The Exclusive Divi – Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress is... Moderate Unreviewed

CVE-2024-9386 was published Nov 16, 2024

The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use... Moderate Unreviewed

CVE-2024-9615 was published Nov 16, 2024

The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-9850 was published Nov 16, 2024

The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-8873 was published Nov 16, 2024

The Bounce Handler MailPoet 3 plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-9938 was published Nov 16, 2024

The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed

CVE-2024-10017 was published Nov 16, 2024

The Steel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn... Moderate Unreviewed

CVE-2024-10147 was published Nov 16, 2024

The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10015 was published Nov 16, 2024

The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-10884 was published Nov 16, 2024

The SimpleForm – Contact form made simple plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-10883 was published Nov 16, 2024

The Gallery Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed

CVE-2024-10875 was published Nov 16, 2024

The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-11118 was published Nov 16, 2024

The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to... Moderate Unreviewed

CVE-2024-11085 was published Nov 16, 2024

The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG... Moderate Unreviewed

CVE-2024-11092 was published Nov 16, 2024

The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-10262 was published Nov 16, 2024

The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a... Moderate Unreviewed

CVE-2024-10533 was published Nov 16, 2024

The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is... Moderate Unreviewed

CVE-2024-6628 was published Nov 16, 2024

The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2024-10795 was published Nov 16, 2024

The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10786 was published Nov 16, 2024

The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is... Moderate Unreviewed

CVE-2024-10861 was published Nov 16, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Student Record... Moderate Unreviewed

CVE-2024-11261 was published Nov 16, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

108,363 advisories