GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,428 advisories
Filter by severity
Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This...
Moderate
Unreviewed
CVE-2024-37542
was published
Jul 6, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user...
Moderate
Unreviewed
CVE-2024-6088
was published
Jul 2, 2024
The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-6012
was published
Jul 2, 2024
The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5545
was published
Jul 2, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36995
was published
Jul 1, 2024
A command for refining a collection shard key is missing an authorization check. This may cause...
Moderate
Unreviewed
CVE-2024-6375
was published
Jul 1, 2024
PTC Creo Elements/Direct License Server exposes a web interface which can be used by...
Critical
Unreviewed
CVE-2024-6071
was published
Jun 28, 2024
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring...
Unknown
Unreviewed
CVE-2024-2882
was published
Jun 27, 2024
Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be...
Critical
Unreviewed
CVE-2024-6303
was published
Jun 25, 2024
Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects...
High
Unreviewed
CVE-2024-37111
was published
Jun 24, 2024
The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and...
Moderate
Unreviewed
CVE-2024-6120
was published
Jun 22, 2024
Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n...
High
Unreviewed
CVE-2022-43453
was published
Jun 21, 2024
Missing Authorization vulnerability in Nikolay Strikhar WordPress Form Builder Plugin – Gutenberg...
Moderate
Unreviewed
CVE-2022-45803
was published
Jun 21, 2024
Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from...
Moderate
Unreviewed
CVE-2023-51375
was published
Jun 21, 2024
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a...
Critical
Unreviewed
CVE-2023-39312
was published
Jun 19, 2024
Missing Authorization vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core:...
Moderate
Unreviewed
CVE-2023-38394
was published
Jun 19, 2024
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider...
High
Unreviewed
CVE-2024-34444
was published
Jun 19, 2024
Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms:...
High
Unreviewed
CVE-2023-38393
was published
Jun 19, 2024
Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney:...
Moderate
Unreviewed
CVE-2022-45832
was published
Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n...
High
Unreviewed
CVE-2023-36515
was published
Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n...
High
Unreviewed
CVE-2023-36516
was published
Jun 19, 2024
Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro:...
Moderate
Unreviewed
CVE-2023-35050
was published
Jun 19, 2024
Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion...
Moderate
Unreviewed
CVE-2023-39310
was published
Jun 19, 2024
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a...
Moderate
Unreviewed
CVE-2023-39922
was published
Jun 19, 2024
ProTip!
Advisories are also available from the
GraphQL API