GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,138
Composer 4,333
Erlang 31
GitHub Actions 21
Go 2,094
Maven 5,263
npm 3,759
NuGet 678
pip 3,445
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,311

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,270 advisories

Filter by severity

Sort by

Least recently updated

In NlpService, there is a possible way to obtain location information due to a missing permission... Moderate Unreviewed

CVE-2018-9406 was published Jan 18, 2025

The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-0377 was published Mar 13, 2024

The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to... Moderate Unreviewed

CVE-2024-10393 was published Jan 23, 2025

In multiple locations, there is a possible way to access media content belonging to another user... Moderate Unreviewed

CVE-2023-40108 was published Jan 22, 2025

The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Missing... Moderate Unreviewed

CVE-2023-6965 was published Apr 9, 2024

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access... Moderate Unreviewed

CVE-2018-14628 was published Jan 17, 2023

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content... Moderate Unreviewed

CVE-2024-1390 was published Feb 29, 2024

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-23684 was published Jan 22, 2025

Missing Authorization vulnerability in NotFound Database Sync allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-23486 was published Jan 22, 2025

The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2024-13447 was published Jan 22, 2025

The AI Power: Complete AI Pack plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2024-13361 was published Jan 22, 2025

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2024-12879 was published Jan 22, 2025

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is... Moderate Unreviewed

CVE-2024-3942 was published May 2, 2024

In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This... Moderate Unreviewed

CVE-2018-9384 was published Jan 18, 2025

Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin... Moderate Unreviewed

CVE-2009-3168 was published May 2, 2022

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper... Moderate Unreviewed

CVE-2025-24461 was published Jan 21, 2025

Missing Authorization vulnerability in Widget Options Team Widget Options allows Exploiting... Moderate Unreviewed

CVE-2025-22722 was published Jan 21, 2025

Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and... Moderate Unreviewed

CVE-2025-22721 was published Jan 21, 2025

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is... Moderate Unreviewed

CVE-2024-12104 was published Jan 21, 2025

The Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme theme for WordPress is... Moderate Unreviewed

CVE-2025-0515 was published Jan 18, 2025

The Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media plugin... Moderate Unreviewed

CVE-2024-12071 was published Jan 18, 2025

The MasterStudy LMS plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2024-1904 was published Apr 9, 2024

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-1352 was published Apr 9, 2024

Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9... Moderate Unreviewed

CVE-2023-27304 was published May 23, 2023

The Sandbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability... Moderate Unreviewed

CVE-2024-13367 was published Jan 17, 2025

Previous 1 2 3 4 5 … 90 91 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,270 advisories