GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,452 advisories
Filter by severity
The Download Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate
Unreviewed
CVE-2024-9829
was published
Oct 23, 2024
The Rover IDX plugin for WordPress is vulnerable to unauthorized access, modification, and loss...
Moderate
Unreviewed
CVE-2024-10003
was published
Oct 22, 2024
In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords)...
Moderate
Unreviewed
CVE-2023-26562
was published
Feb 13, 2024
Missing Authorization vulnerability in ProfileGrid User Profiles ProfileGrid.This issue affects...
Moderate
Unreviewed
CVE-2024-49273
was published
Oct 21, 2024
Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured...
Moderate
Unreviewed
CVE-2024-49293
was published
Oct 21, 2024
Missing Authorization vulnerability in Colorlib Simple Custom Post Order allows Exploiting...
Moderate
Unreviewed
CVE-2024-49321
was published
Oct 21, 2024
Subscriber Broken Access Control in Photo Gallery Builder <= 3.0 versions.
Moderate
Unreviewed
CVE-2024-49325
was published
Oct 20, 2024
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to...
Moderate
Unreviewed
CVE-2024-9364
was published
Oct 18, 2024
The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9361
was published
Oct 18, 2024
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit...
Moderate
Unreviewed
CVE-2024-45461
was published
Oct 16, 2024
In lunary-ai/lunary version 1.2.5, an improper access control vulnerability exists due to a...
Moderate
Unreviewed
CVE-2024-5248
was published
Jun 6, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-7290
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-7293
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-7292
was published
Oct 16, 2024
The Discount Rules for WooCommerce plugin for WordPress is vulnerable to missing authorization...
Moderate
Unreviewed
CVE-2020-36834
was published
Oct 16, 2024
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to...
Moderate
Unreviewed
CVE-2022-4974
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-7288
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-7289
was published
Oct 16, 2024
The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates...
Moderate
Unreviewed
CVE-2021-4445
was published
Oct 16, 2024
The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in...
Moderate
Unreviewed
CVE-2021-4446
was published
Oct 16, 2024
The Indeed Membership Pro plugin for WordPress is vulnerable to authorization bypass due to...
Moderate
Unreviewed
CVE-2020-36833
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-7287
was published
Oct 16, 2024
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-9891
was published
Oct 16, 2024
The Order Attachments for WooCommerce plugin for WordPress is vulnerable to unauthorized limited...
Moderate
Unreviewed
CVE-2024-9756
was published
Oct 12, 2024
The Read more By Adam plugin for WordPress is vulnerable to unauthorized loss of data due to a...
Moderate
Unreviewed
CVE-2024-9187
was published
Oct 12, 2024
ProTip!
Advisories are also available from the
GraphQL API