Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,969
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

108,658 advisories

Loading
Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion... Moderate Unreviewed
CVE-2023-39310 was published Jun 19, 2024
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a... Moderate Unreviewed
CVE-2023-39922 was published Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from... Moderate Unreviewed
CVE-2023-36676 was published Jun 19, 2024
Missing Authorization vulnerability in Paid Memberships Pro.This issue affects Paid Memberships... Moderate Unreviewed
CVE-2023-39990 was published Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm... Moderate Unreviewed
CVE-2023-41805 was published Jun 19, 2024
Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue... Moderate Unreviewed
CVE-2023-37872 was published Jun 19, 2024
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability... Moderate Unreviewed
CVE-2024-23443 was published Jun 19, 2024
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro:... Moderate Unreviewed
CVE-2023-36683 was published Jun 19, 2024
Missing Authorization vulnerability in Premium Addons Premium Addons PRO.This issue affects... Moderate Unreviewed
CVE-2023-37869 was published Jun 19, 2024
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option Moderate
CVE-2024-38356 was published for TinyMCE (Composer) Jun 19, 2024
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements Moderate
CVE-2024-38357 was published for TinyMCE (Composer) Jun 19, 2024
Malav-MK
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery ... Moderate Unreviewed
CVE-2024-5676 was published Jun 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master... Moderate Unreviewed
CVE-2023-50900 was published Jun 19, 2024
Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects... Moderate Unreviewed
CVE-2023-48761 was published Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Pre-Publish Checklist.This issue affects... Moderate Unreviewed
CVE-2023-44151 was published Jun 19, 2024
Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a... Moderate Unreviewed
CVE-2023-47788 was published Jun 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35765 was published Jun 19, 2024
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra... Moderate Unreviewed
CVE-2023-44148 was published Jun 19, 2024
Missing Authorization vulnerability in QuadLayers WooCommerce Checkout Manager.This issue affects... Moderate Unreviewed
CVE-2023-47681 was published Jun 19, 2024
The WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For... Moderate Unreviewed
CVE-2024-4632 was published Jun 19, 2024
The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-3894 was published Jun 19, 2024
The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2023-6495 was published Jun 19, 2024
The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up... Moderate Unreviewed
CVE-2024-0789 was published Jun 19, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-0383 was published Jun 19, 2024
The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin... Moderate Unreviewed
CVE-2024-1407 was published Jun 19, 2024
ProTip! Advisories are also available from the GraphQL API