GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,952
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,419
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,577

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

238,577 advisories

Filter by severity

Sort by

Least recently updated

Improper verification of cryptographic signature during installation of a VPN driver via the... High Unreviewed

CVE-2024-7479 was published Sep 25, 2024

Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved... High Unreviewed

CVE-2024-31145 was published Sep 25, 2024

In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are... Unknown Unreviewed

CVE-2024-45817 was published Sep 25, 2024

Improper verification of cryptographic signature during installation of a Printer driver via the... High Unreviewed

CVE-2024-7481 was published Sep 25, 2024

When multiple devices share resources and one of them is to be passed through to a guest,... High Unreviewed

CVE-2024-31146 was published Sep 25, 2024

The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross... Moderate Unreviewed

CVE-2024-3866 was published Sep 25, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2024-47303 was published Sep 25, 2024

The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-8678 was published Sep 25, 2024

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible... High Unreviewed

CVE-2024-8290 was published Sep 25, 2024

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed

CVE-2024-8910 was published Sep 25, 2024

An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory... High Unreviewed

CVE-2024-8175 was published Sep 25, 2024

The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin... Moderate Unreviewed

CVE-2024-9169 was published Sep 25, 2024

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one... Moderate Unreviewed

CVE-2024-6845 was published Sep 25, 2024

The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating... Moderate Unreviewed

CVE-2024-7892 was published Sep 25, 2024

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution ... Moderate Unreviewed

CVE-2024-8668 was published Sep 25, 2024

The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,... Moderate Unreviewed

CVE-2024-7878 was published Sep 25, 2024

The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to SQL Injection via the 'id... Critical Unreviewed

CVE-2024-7385 was published Sep 25, 2024

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8515 was published Sep 25, 2024

The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object... Critical Unreviewed

CVE-2024-8514 was published Sep 25, 2024

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-8516 was published Sep 25, 2024

The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks... Moderate Unreviewed

CVE-2024-8658 was published Sep 25, 2024

The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order'... Critical Unreviewed

CVE-2024-8275 was published Sep 25, 2024

The Material Design Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-9024 was published Sep 25, 2024

The GutenGeek Free Gutenberg Blocks for WordPress plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2024-9073 was published Sep 25, 2024

The WP GPX Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-9028 was published Sep 25, 2024

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

238,577 advisories