Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

342 advisories

Loading
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10794 was published Nov 13, 2024
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10778 was published Nov 13, 2024
An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet... Moderate Unreviewed
CVE-2023-47543 was published Nov 12, 2024
The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed
CVE-2024-10695 was published Nov 12, 2024
The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed
CVE-2024-10688 was published Nov 9, 2024
The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is... Moderate Unreviewed
CVE-2024-10669 was published Nov 9, 2024
The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed
CVE-2024-10770 was published Nov 9, 2024
The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed
CVE-2024-10667 was published Nov 9, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed
CVE-2024-10693 was published Nov 9, 2024
The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed
CVE-2024-9262 was published Nov 9, 2024
The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-10779 was published Nov 9, 2024
Moodle's IDOR in badges allows deletion of arbitrary badges Moderate
CVE-2024-43431 was published for moodle/moodle (Composer) Nov 7, 2024
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users Moderate
CVE-2024-43438 was published for moodle/moodle (Composer) Nov 7, 2024
A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical.... Moderate Unreviewed
CVE-2024-10654 was published Nov 1, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed
CVE-2024-9700 was published Oct 31, 2024
The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing... Moderate Unreviewed
CVE-2024-10439 was published Oct 28, 2024
A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-10121 was published Oct 18, 2024
Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability... Moderate Unreviewed
CVE-2024-22455 was published Oct 16, 2024
Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially... Moderate Unreviewed
CVE-2023-32189 was published Oct 16, 2024
The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed
CVE-2023-7286 was published Oct 16, 2024
KubeSphere IDOR vulnerability Moderate
CVE-2024-46528 was published for github.com/kubesphere/kubesphere (Go) Oct 14, 2024
Malayke
A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303... Moderate Unreviewed
CVE-2024-9554 was published Oct 6, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon... Moderate Unreviewed
CVE-2024-47316 was published Oct 5, 2024
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... Moderate Unreviewed
CVE-2024-20513 was published Oct 2, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been... Moderate Unreviewed
CVE-2024-9298 was published Sep 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database