GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,293
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
111,472 advisories
The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-3814 was published Jun 15, 2024

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are...
Moderate | Unreviewed | CVE-2024-21988 was published Jun 15, 2024

A cross-site scripting (XSS) vulnerability in Aegon Life v1.0 allows attackers to execute...
Moderate | Unreviewed | CVE-2024-36599 was published Jun 14, 2024

An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity...
Moderate | Unreviewed | CVE-2024-33373 was published Jun 14, 2024

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an...
Moderate | Unreviewed | CVE-2024-23442 was published Jun 14, 2024

In MintHCM 4.0.3, a registered user can execute arbitrary JavaScript code and achieve a reflected...
Moderate | Unreviewed | CVE-2024-36656 was published Jun 14, 2024

The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all...
Moderate | Unreviewed | CVE-2024-2023 was published Jun 14, 2024

A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow...
Moderate | Unreviewed | CVE-2024-5731 was published Jun 14, 2024

Missing Authorization vulnerability in Brainstorm Force ProjectHuddle Client Site. This issue...
Moderate | Unreviewed | CVE-2023-51376 was published Jun 14, 2024

Local privilege escalation due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2024-34012 was published Jun 14, 2024

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-4863 was published Jun 14, 2024

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-5994 was published Jun 14, 2024

Function vulnerabilities in the Calendar module
Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2024-5465 was published Jun 14, 2024

Memory management vulnerability in the boottime module
Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2024-36501 was published Jun 14, 2024

Vulnerability of unauthorized screenshot capturing in the WMS module
Impact: Successful...
Moderate | Unreviewed | CVE-2024-36499 was published Jun 14, 2024

Vulnerability of insufficient permission verification in the NearLink module
Impact: Successful...
Moderate | Unreviewed | CVE-2024-5464 was published Jun 14, 2024

The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables...
Moderate | Unreviewed | CVE-2024-4271 was published Jun 14, 2024

The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-5155 was published Jun 14, 2024

The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters,...
Moderate | Unreviewed | CVE-2024-3966 was published Jun 14, 2024

The Social Pixel WordPress plugin through 2.1 does not sanitise and escape some of its settings,...
Moderate | Unreviewed | CVE-2024-4005 was published Jun 14, 2024

The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables...
Moderate | Unreviewed | CVE-2024-4270 was published Jun 14, 2024

The Amen WordPress plugin through 3.3.1 does not sanitise and escape some of its settings, which...
Moderate | Unreviewed | CVE-2024-3992 was published Jun 14, 2024

The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-3972 was published Jun 14, 2024

The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not sanitise and escape some of...
Moderate | Unreviewed | CVE-2024-3977 was published Jun 14, 2024

The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its...
Moderate | Unreviewed | CVE-2024-3971 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.