Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

837 advisories

Loading
The Host PHP Info plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed
CVE-2024-12535 was published Jan 7, 2025
WeGIA 3.2.0 before 3998672 does not verify permission to change a password. High Unreviewed
CVE-2024-53473 was published Dec 8, 2024
Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly... High Unreviewed
CVE-2023-48758 was published Jan 2, 2025
Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly... High Unreviewed
CVE-2023-47648 was published Jan 2, 2025
Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly... High Unreviewed
CVE-2023-46632 was published Jan 2, 2025
Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly... High Unreviewed
CVE-2023-47224 was published Jan 2, 2025
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 allows... High Unreviewed
CVE-2023-47693 was published Jan 2, 2025
Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly... High Unreviewed
CVE-2023-47179 was published Jan 2, 2025
Missing Authorization vulnerability in WPDeveloper BetterLinks allows Exploiting Incorrectly... High Unreviewed
CVE-2023-45104 was published Jan 2, 2025
Missing Authorization vulnerability in Webful Creations Computer Repair Shop allows Privilege... High Unreviewed
CVE-2024-56061 was published Dec 31, 2024
Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly... High Unreviewed
CVE-2024-56070 was published Dec 31, 2024
Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly... High Unreviewed
CVE-2024-56067 was published Dec 31, 2024
Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a... High Unreviewed
CVE-2024-56211 was published Dec 31, 2024
The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is... High Unreviewed
CVE-2024-12881 was published Dec 24, 2024
The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url ,... High Unreviewed
CVE-2024-12594 was published Dec 24, 2024
Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not... High Unreviewed
CVE-2024-56048 was published Dec 18, 2024
Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects... High Unreviewed
CVE-2024-54381 was published Dec 18, 2024
In the development options section of the Settings app, there is a possible authentication bypass... High Unreviewed
CVE-2018-9477 was published Nov 20, 2024
In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut... High Unreviewed
CVE-2018-9469 was published Nov 20, 2024
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings... High Unreviewed
CVE-2017-13314 was published Nov 16, 2024
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality... High Unreviewed
CVE-2024-56008 was published Dec 18, 2024
The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation... High Unreviewed
CVE-2024-12259 was published Dec 18, 2024
In multiple locations, there is a possible permissions bypass due to a missing null check. This... High Unreviewed
CVE-2024-34719 was published Nov 13, 2024
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed
CVE-2024-40650 was published Sep 11, 2024
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary... High Unreviewed
CVE-2024-40671 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database