Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,678
Erlang
29
GitHub Actions
16
Go
1,707
Maven
4,940
npm
3,471
NuGet
603
pip
2,987
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

107,407 advisories

The Opal Estate Pro – Property Management and Submission plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-3666 was published May 22, 2024
The Print-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-3671 was published May 22, 2024
The WP Scraper plugin for WordPress is vulnerable to unauthorized access due to a missing... Moderate Unreviewed
CVE-2024-3663 was published May 22, 2024
The Automatic Translator with Google Translate plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-0632 was published May 22, 2024
The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-2036 was published May 22, 2024
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-4362 was published May 22, 2024
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2024-1446 was published May 22, 2024
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-1762 was published May 22, 2024
The WP Font Awesome Share Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-3198 was published May 22, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-4971 was published May 22, 2024
The Toolbar Extras for Elementor & More – WordPress Admin Bar Enhanced plugin for WordPress is... Moderate Unreviewed
CVE-2024-3611 was published May 22, 2024
The Elegant Addons for elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-5092 was published May 22, 2024
The Elegant Addons for elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3066 was published May 22, 2024
The WPKoi Templates for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-4980 was published May 22, 2024
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-0452 was published May 22, 2024
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-0453 was published May 22, 2024
The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing... Moderate Unreviewed
CVE-2024-0451 was published May 22, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,... Moderate Unreviewed
CVE-2020-35165 was published May 22, 2024
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-3519 was published May 22, 2024
Shopware Non-Persistent XSS in the Frontend Moderate
GHSA-jqr7-5h7r-ch8p was published for shopware/shopware (Composer) May 21, 2024
The vCenter Server contains a partial file read vulnerability. A malicious actor with... Moderate Unreviewed
CVE-2024-22275 was published May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2024-27129 was published May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2024-27128 was published May 21, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... Moderate Unreviewed
CVE-2024-21902 was published May 21, 2024
sensiolabs/connect has a Cross-Site Request Forgery Vulnerability Moderate
GHSA-6wqp-7g94-f69j was published for sensiolabs/connect (Composer) May 21, 2024
ProTip! Advisories are also available from the GraphQL API