Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

745 advisories

Loading
In multiple functions of CompanionDeviceManagerService.java, there is a possible way to grant... High Unreviewed
CVE-2024-49732 was published Jan 22, 2025
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification... High Unreviewed
CVE-2024-4222 was published May 16, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification... High Unreviewed
CVE-2024-4351 was published May 16, 2024
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification... High Unreviewed
CVE-2024-4352 was published May 16, 2024
Missing Authorization vulnerability in Team118GROUP Team 118GROUP Agent allows Exploiting... High Unreviewed
CVE-2025-23512 was published Jan 22, 2025
In multiple functions of WifiServiceImpl.java, there is a possible way to activate Wi-Fi hotspot... High Unreviewed
CVE-2018-9382 was published Jan 18, 2025
Missing Authorization vulnerability in Realty Workstation Realty Workstation allows Accessing... High Unreviewed
CVE-2025-23477 was published Jan 21, 2025
Missing Authorization vulnerability in Eniture Technology Standard Box Sizes – for WooCommerce.... High Unreviewed
CVE-2025-22318 was published Jan 21, 2025
Missing Authorization vulnerability in Joe Dolson My Tickets allows Accessing Functionality Not... High Unreviewed
CVE-2025-22717 was published Jan 21, 2025
The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due... High Unreviewed
CVE-2024-12614 was published Jan 16, 2025
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-11916 was published Jan 8, 2025
An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a... High Unreviewed
CVE-2024-50953 was published Jan 15, 2025
The Brizy – Page Builder plugin for WordPress is vulnerable to unauthorized modification of data... High Unreviewed
CVE-2024-1937 was published Jul 16, 2024
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a... High Unreviewed
CVE-2024-11848 was published Jan 15, 2025
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed
CVE-2024-12365 was published Jan 14, 2025
Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5... High Unreviewed
CVE-2023-28657 was published Jun 1, 2023
The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed
CVE-2024-12542 was published Jan 9, 2025
The SKT Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to a... High Unreviewed
CVE-2024-12848 was published Jan 9, 2025
The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem &... High Unreviewed
CVE-2024-11423 was published Jan 8, 2025
The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-11270 was published Jan 8, 2025
The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of... High Unreviewed
CVE-2024-11271 was published Jan 8, 2025
The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Remote Code... High Unreviewed
CVE-2024-11816 was published Jan 8, 2025
Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Accessing... High Unreviewed
CVE-2025-22592 was published Jan 7, 2025
The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can... High Unreviewed
CVE-2024-12202 was published Jan 7, 2025
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-11725 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database