Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

241,042 advisories

Loading
The Contact Form 7 Skins WordPress plugin through 2.5.0 does not sanitise and escape the tab... Moderate Unreviewed
CVE-2021-25063 was published Feb 2, 2022
The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27,... Moderate Unreviewed
CVE-2022-0220 was published Feb 2, 2022
The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the... Moderate Unreviewed
CVE-2021-24934 was published Feb 2, 2022
The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id... High Unreviewed
CVE-2021-24919 was published Feb 2, 2022
The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and... Moderate Unreviewed
CVE-2021-24975 was published Feb 2, 2022
The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its... Moderate Unreviewed
CVE-2021-24944 was published Feb 2, 2022
The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the... Moderate Unreviewed
CVE-2021-24937 was published Feb 2, 2022
The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and... Moderate Unreviewed
CVE-2021-24983 was published Feb 2, 2022
The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF... Moderate Unreviewed
CVE-2021-25072 was published Feb 2, 2022
The Link Library WordPress plugin before 7.2.9 does not sanitise and escape the settingscopy... Moderate Unreviewed
CVE-2021-25091 was published Feb 2, 2022
The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape the woof_redraw_elements... Moderate Unreviewed
CVE-2021-25085 was published Feb 2, 2022
The Ninja Tables WordPress plugin before 4.1.8 does not sanitise and escape some of its table... Moderate Unreviewed
CVE-2021-24900 was published Feb 2, 2022
The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow... Moderate Unreviewed
CVE-2021-24775 was published Feb 2, 2022
The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter... Moderate Unreviewed
CVE-2021-24926 was published Feb 2, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET... Critical Unreviewed
CVE-2021-24762 was published Feb 2, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not have proper authorisation nor CSRF... High Unreviewed
CVE-2021-24763 was published Feb 2, 2022
The Learning Courses WordPress plugin before 5.0 does not sanitise and escape the Email PDT... Moderate Unreviewed
CVE-2021-24707 was published Feb 2, 2022
The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could... Moderate Unreviewed
CVE-2021-24868 was published Feb 2, 2022
The Perfect Survey WordPress plugin through 1.5.2 does not validate and escape the X-Forwarded... Moderate Unreviewed
CVE-2021-24765 was published Feb 2, 2022
The Error Log Viewer WordPress plugin through 1.1.1 does not perform nonce check when deleting a... Moderate Unreviewed
CVE-2021-24761 was published Feb 2, 2022
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the... Moderate Unreviewed
CVE-2021-24648 was published Feb 2, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not sanitise and escape multiple parameters... Moderate Unreviewed
CVE-2021-24764 was published Feb 2, 2022
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements... High Unreviewed
CVE-2021-46668 was published Feb 2, 2022
In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not... High Unreviewed
CVE-2021-41040 was published Feb 2, 2022
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the... High Unreviewed
CVE-2021-46669 was published Feb 2, 2022
ProTip! Advisories are also available from the GraphQL API