GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,892
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,041
Maven 5,224
npm 3,733
NuGet 662
pip 3,414
Pub 12
RubyGems 891
Rust 866
Swift 36

Unreviewed advisories

All unreviewed 238,102

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110,664 advisories

Filter by severity

Sort by

Least recently updated

The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-12469 was published Dec 17, 2024

The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS... Moderate Unreviewed

CVE-2024-12127 was published Dec 17, 2024

The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12220 was published Dec 17, 2024

The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2024-11294 was published Dec 17, 2024

The Stop Registration Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12219 was published Dec 17, 2024

Some parameters of the alarm clock module are improperly stored, leaking some sensitive information. Moderate Unreviewed

CVE-2021-26281 was published Dec 17, 2024

Cross-site scripting vulnerability exists in My WP Customize Admin/Frontend versions prior to ver... Moderate Unreviewed

CVE-2024-55864 was published Dec 17, 2024

Some parameters of the weather module are improperly stored, leaking some sensitive information. Moderate Unreviewed

CVE-2021-26279 was published Dec 17, 2024

The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-12239 was published Dec 17, 2024

The wifi module exposes the interface and has improper permission control, leaking sensitive... Moderate Unreviewed

CVE-2021-26278 was published Dec 17, 2024

When using special mode to connect to enterprise wifi, certain options are not properly... Moderate Unreviewed

CVE-2020-12484 was published Dec 17, 2024

The TPG Get Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11906 was published Dec 17, 2024

The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11902 was published Dec 17, 2024

The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11905 was published Dec 17, 2024

The Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin for WordPress is... Moderate Unreviewed

CVE-2024-11900 was published Dec 17, 2024

The CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout plugin for... Moderate Unreviewed

CVE-2024-12443 was published Dec 17, 2024

Intrexx Portal Server before 12.0.2 allows XSS via a user-defined portlet. Moderate Unreviewed

CVE-2024-55554 was published Dec 17, 2024

A Stored Cross-Site Scripting (XSS) vulnerability exists in authenticated SVG file upload and... Moderate Unreviewed

CVE-2024-55451 was published Dec 17, 2024

A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the... Moderate Unreviewed

CVE-2024-55452 was published Dec 17, 2024

An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed

CVE-2024-37773 was published Dec 17, 2024

A cross-site scripting (XSS) vulnerability in Sunbird DCIM dcTrack v9.1.2 allows attackers to... Moderate Unreviewed

CVE-2024-37776 was published Dec 17, 2024

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This... Moderate Unreviewed

CVE-2024-12663 was published Dec 16, 2024

A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up... Moderate Unreviewed

CVE-2024-12662 was published Dec 16, 2024

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as... Moderate Unreviewed

CVE-2024-12661 was published Dec 16, 2024

A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by... Moderate Unreviewed

CVE-2024-12667 was published Dec 16, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

110,664 advisories