Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

197 advisories

Loading
The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of... Critical Unreviewed
CVE-2024-12822 was published Jan 30, 2025
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is... Critical Unreviewed
CVE-2022-0543 was published Feb 19, 2022
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS... Critical Unreviewed
CVE-2024-54530 was published Jan 28, 2025
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of... Critical Unreviewed
CVE-2024-4223 was published May 16, 2024
Missing Authorization to enable or disable users in org.xwiki.platform:xwiki-platform-user-profile-ui Critical
CVE-2022-41930 was published for org.xwiki.platform:xwiki-platform-user-profile-ui (Maven) Nov 21, 2022
anonymous-nlp-student
XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing Critical
CVE-2025-23025 was published for org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui (Maven) Jan 14, 2025
Ray Missing Authorization vulnerability Critical
CVE-2023-6020 was published for ray (pip) Nov 16, 2023
cpropps-sysdig
Missing Authorization vulnerability in Inspry Agency Toolkit allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-56066 was published Dec 31, 2024
The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed
CVE-2024-11281 was published Dec 25, 2024
Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality... Critical Unreviewed
CVE-2024-54369 was published Dec 16, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed
CVE-2024-45493 was published Dec 10, 2024
Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege... Critical Unreviewed
CVE-2024-54239 was published Dec 13, 2024
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support... Critical Unreviewed
CVE-2022-46838 was published Dec 13, 2024
XWiki allows RCE from script right in configurable sections Critical
CVE-2024-55879 was published for org.xwiki.platform:xwiki-platform-administration-ui (Maven) Dec 12, 2024
Missing Authorization vulnerability in Envato Security Team Sweet Date.This issue affects Sweet... Critical Unreviewed
CVE-2024-43222 was published Dec 9, 2024
Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting... Critical Unreviewed
CVE-2023-32117 was published Dec 9, 2024
Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing... Critical Unreviewed
CVE-2024-53810 was published Dec 6, 2024
The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that... Critical Unreviewed
CVE-2024-12155 was published Dec 6, 2024
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2024-10542 was published Nov 26, 2024
NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon... Critical Unreviewed
CVE-2024-0138 was published Nov 23, 2024
sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin... Critical Unreviewed
CVE-2024-48073 was published Nov 9, 2024
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a... Critical Unreviewed
CVE-2024-52416 was published Nov 17, 2024
Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege... Critical Unreviewed
CVE-2024-52382 was published Nov 14, 2024
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when... Critical Unreviewed
CVE-2024-10575 was published Nov 13, 2024
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized... Critical Unreviewed
CVE-2024-10589 was published Nov 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database