GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,469 advisories
Filter by severity
SAP CRM WebClient does not
perform necessary authorization check for an authenticated user,...
Moderate
Unreviewed
CVE-2024-37175
was published
Jul 9, 2024
Due to missing authorization checks, SAP Enable
Now allows an author to escalate privileges to...
Moderate
Unreviewed
CVE-2024-39596
was published
Jul 9, 2024
SAP S/4HANA Finance (Advanced Payment
Management) does not perform necessary authorization check...
Moderate
Unreviewed
CVE-2024-37172
was published
Jul 9, 2024
Elements of PDCE does not perform necessary
authorization checks for an authenticated user,...
High
Unreviewed
CVE-2024-39592
was published
Jul 9, 2024
Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This...
Moderate
Unreviewed
CVE-2024-37542
was published
Jul 6, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user...
Moderate
Unreviewed
CVE-2024-6088
was published
Jul 2, 2024
The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-6012
was published
Jul 2, 2024
The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5545
was published
Jul 2, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36995
was published
Jul 1, 2024
A command for refining a collection shard key is missing an authorization check. This may cause...
Moderate
Unreviewed
CVE-2024-6375
was published
Jul 1, 2024
PTC Creo Elements/Direct License Server exposes a web interface which can be used by...
Critical
Unreviewed
CVE-2024-6071
was published
Jun 28, 2024
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring...
Unknown
Unreviewed
CVE-2024-2882
was published
Jun 27, 2024
Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be...
Critical
Unreviewed
CVE-2024-6303
was published
Jun 25, 2024
Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects...
High
Unreviewed
CVE-2024-37111
was published
Jun 24, 2024
The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and...
Moderate
Unreviewed
CVE-2024-6120
was published
Jun 22, 2024
Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n...
High
Unreviewed
CVE-2022-43453
was published
Jun 21, 2024
Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from...
Moderate
Unreviewed
CVE-2023-51375
was published
Jun 21, 2024
Missing Authorization vulnerability in Nikolay Strikhar WordPress Form Builder Plugin – Gutenberg...
Moderate
Unreviewed
CVE-2022-45803
was published
Jun 21, 2024
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for...
Moderate
Unreviewed
CVE-2024-3961
was published
Jun 21, 2024
The WP Child Theme Generator plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-3610
was published
Jun 21, 2024
The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-1955
was published
Jun 21, 2024
The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers –...
Moderate
Unreviewed
CVE-2024-3602
was published
Jun 20, 2024
The Wheel of Life: Coaching and Assessment Tool for Life Coach plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-3627
was published
Jun 20, 2024
The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions...
Moderate
Unreviewed
CVE-2023-3204
was published
Jun 20, 2024
ProTip!
Advisories are also available from the
GraphQL API