Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,159 advisories

Loading
An AirVantage online Warranty Checker tool vulnerability could allow an attacker to perform bulk... Moderate Unreviewed
CVE-2023-31280 was published Dec 21, 2024
The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11297 was published Dec 20, 2024
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers... Moderate Unreviewed
CVE-2013-7331 was published May 14, 2022
Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to... Moderate Unreviewed
CVE-2024-54009 was published Dec 20, 2024
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is... Moderate Unreviewed
CVE-2024-12560 was published Dec 19, 2024
The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed
CVE-2024-10548 was published Dec 19, 2024
An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail... Moderate Unreviewed
CVE-2020-15594 was published May 24, 2022
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content... Moderate Unreviewed
CVE-2024-11291 was published Dec 18, 2024
The Animation Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-12340 was published Dec 18, 2024
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-11295 was published Dec 18, 2024
The Accept Authorize.NET Payments Using Contact Form 7 plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12250 was published Dec 18, 2024
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an... Moderate Unreviewed
CVE-2019-13511 was published May 24, 2022
The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-10356 was published Dec 17, 2024
Welcome and About GeoServer pages communicate version and revision information Moderate
CVE-2024-35230 was published for org.geoserver.web:gs-web-app (Maven) Dec 16, 2024
jodygarnett
The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-11280 was published Dec 17, 2024
Some parameters of the alarm clock module are improperly stored, leaking some sensitive information. Moderate Unreviewed
CVE-2021-26281 was published Dec 17, 2024
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11294 was published Dec 17, 2024
Some parameters of the weather module are improperly stored, leaking some sensitive information. Moderate Unreviewed
CVE-2021-26279 was published Dec 17, 2024
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-12578 was published Dec 14, 2024
An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to... Moderate Unreviewed
CVE-2024-9945 was published Dec 13, 2024
`auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace Moderate
CVE-2024-53859 was published for github.com/cli/go-gh (Go) Nov 27, 2024
BagToad williammartin
andyfeller jtmcg Ry0taK
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control... Moderate Unreviewed
CVE-2024-26119 was published Mar 18, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54119 was published Dec 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54118 was published Dec 12, 2024
The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-12255 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database