GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,678
Erlang
29
GitHub Actions
16
Go
1,707
Maven
4,940
npm
3,471
NuGet
603
pip
2,987
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
107,407 advisories
Filter by severity
The Opal Estate Pro – Property Management and Submission plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-3666
was published
May 22, 2024
The Print-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-3671
was published
May 22, 2024
The WP Scraper plugin for WordPress is vulnerable to unauthorized access due to a missing...
Moderate
Unreviewed
CVE-2024-3663
was published
May 22, 2024
The Automatic Translator with Google Translate plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-0632
was published
May 22, 2024
The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-2036
was published
May 22, 2024
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-4362
was published
May 22, 2024
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site...
Moderate
Unreviewed
CVE-2024-1446
was published
May 22, 2024
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-1762
was published
May 22, 2024
The WP Font Awesome Share Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-3198
was published
May 22, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-4971
was published
May 22, 2024
The Toolbar Extras for Elementor & More – WordPress Admin Bar Enhanced plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-3611
was published
May 22, 2024
The Elegant Addons for elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-5092
was published
May 22, 2024
The Elegant Addons for elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-3066
was published
May 22, 2024
The WPKoi Templates for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-4980
was published
May 22, 2024
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-0452
was published
May 22, 2024
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-0453
was published
May 22, 2024
The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate
Unreviewed
CVE-2024-0451
was published
May 22, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,...
Moderate
Unreviewed
CVE-2020-35165
was published
May 22, 2024
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-3519
was published
May 22, 2024
Shopware Non-Persistent XSS in the Frontend
Moderate
GHSA-jqr7-5h7r-ch8p
was published
for
shopware/shopware
(Composer)
May 21, 2024
The vCenter Server contains a partial file read vulnerability. A malicious actor with...
Moderate
Unreviewed
CVE-2024-22275
was published
May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Moderate
Unreviewed
CVE-2024-27129
was published
May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Moderate
Unreviewed
CVE-2024-27128
was published
May 21, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to...
Moderate
Unreviewed
CVE-2024-21902
was published
May 21, 2024
sensiolabs/connect has a Cross-Site Request Forgery Vulnerability
Moderate
GHSA-6wqp-7g94-f69j
was published
for
sensiolabs/connect
(Composer)
May 21, 2024
ProTip!
Advisories are also available from the
GraphQL API