GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,969
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
108,658 advisories
Filter by severity
Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion...
Moderate
Unreviewed
CVE-2023-39310
was published
Jun 19, 2024
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a...
Moderate
Unreviewed
CVE-2023-39922
was published
Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from...
Moderate
Unreviewed
CVE-2023-36676
was published
Jun 19, 2024
Missing Authorization vulnerability in Paid Memberships Pro.This issue affects Paid Memberships...
Moderate
Unreviewed
CVE-2023-39990
was published
Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm...
Moderate
Unreviewed
CVE-2023-41805
was published
Jun 19, 2024
Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue...
Moderate
Unreviewed
CVE-2023-37872
was published
Jun 19, 2024
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability...
Moderate
Unreviewed
CVE-2024-23443
was published
Jun 19, 2024
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro:...
Moderate
Unreviewed
CVE-2023-36683
was published
Jun 19, 2024
Missing Authorization vulnerability in Premium Addons Premium Addons PRO.This issue affects...
Moderate
Unreviewed
CVE-2023-37869
was published
Jun 19, 2024
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option
Moderate
CVE-2024-38356
was published
for
TinyMCE
(Composer)
Jun 19, 2024
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
Moderate
CVE-2024-38357
was published
for
TinyMCE
(Composer)
Jun 19, 2024
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery ...
Moderate
Unreviewed
CVE-2024-5676
was published
Jun 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master...
Moderate
Unreviewed
CVE-2023-50900
was published
Jun 19, 2024
Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects...
Moderate
Unreviewed
CVE-2023-48761
was published
Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Pre-Publish Checklist.This issue affects...
Moderate
Unreviewed
CVE-2023-44151
was published
Jun 19, 2024
Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a...
Moderate
Unreviewed
CVE-2023-47788
was published
Jun 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35765
was published
Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra...
Moderate
Unreviewed
CVE-2023-44148
was published
Jun 19, 2024
Missing Authorization vulnerability in QuadLayers WooCommerce Checkout Manager.This issue affects...
Moderate
Unreviewed
CVE-2023-47681
was published
Jun 19, 2024
The WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For...
Moderate
Unreviewed
CVE-2024-4632
was published
Jun 19, 2024
The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-3894
was published
Jun 19, 2024
The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2023-6495
was published
Jun 19, 2024
The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up...
Moderate
Unreviewed
CVE-2024-0789
was published
Jun 19, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-0383
was published
Jun 19, 2024
The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin...
Moderate
Unreviewed
CVE-2024-1407
was published
Jun 19, 2024
ProTip!
Advisories are also available from the
GraphQL API