GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,123 advisories
Filter by severity
The Download Monitor plugin for WordPress is vulnerable to authorization bypass due to a missing...
High
Unreviewed
CVE-2022-4972
was published
Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code...
High
Unreviewed
CVE-2024-45711
was published
Oct 16, 2024
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege...
High
Unreviewed
CVE-2024-45710
was published
Oct 16, 2024
The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing...
High
Unreviewed
CVE-2024-45715
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2023-7294
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High
Unreviewed
CVE-2024-8507
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and...
High
Unreviewed
CVE-2024-8746
was published
Oct 16, 2024
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is...
High
Unreviewed
CVE-2024-9061
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2023-7291
was published
Oct 16, 2024
Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF...
High
Unreviewed
CVE-2024-45693
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all...
High
Unreviewed
CVE-2024-8918
was published
Oct 16, 2024
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2017-20192
was published
Oct 16, 2024
The Rich Review plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the POST...
High
Unreviewed
CVE-2019-25216
was published
Oct 16, 2024
The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file...
High
Unreviewed
CVE-2019-25215
was published
Oct 16, 2024
The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability...
High
Unreviewed
CVE-2019-25214
was published
Oct 16, 2024
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion...
High
Unreviewed
CVE-2020-36836
was published
Oct 16, 2024
The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
High
Unreviewed
CVE-2020-36839
was published
Oct 16, 2024
The Facebook Chat Plugin for WordPress is vulnerable to authorization bypass due to a missing...
High
Unreviewed
CVE-2020-36838
was published
Oct 16, 2024
The Product Filter by WooBeWoo plugin for WordPress is vulnerable to authorization bypass in...
High
Unreviewed
CVE-2021-4444
was published
Oct 16, 2024
The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypass in...
High
Unreviewed
CVE-2021-4448
was published
Oct 16, 2024
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2021-4447
was published
Oct 16, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery...
High
Unreviewed
CVE-2012-10018
was published
Oct 16, 2024
The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for...
High
Unreviewed
CVE-2016-15041
was published
Oct 16, 2024
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation...
High
Unreviewed
CVE-2024-9305
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API