GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,916
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,046
Maven 5,231
npm 3,737
NuGet 663
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,347

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110,764 advisories

Filter by severity

Sort by

Least recently updated

The Category Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-11878 was published Dec 20, 2024

The Financial Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-11783 was published Dec 20, 2024

The Maintenance & Coming Soon Redirect Animation plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-9503 was published Dec 20, 2024

The WP SHAPES plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-9619 was published Dec 20, 2024

The NACC WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-12506 was published Dec 20, 2024

The Spotlightr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2024-11411 was published Dec 20, 2024

The استخراج محصولات ووکامرس برای آیسی plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-11331 was published Dec 20, 2024

The Sell Tickets Online – TicketSource Ticket Shop for WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2024-11784 was published Dec 20, 2024

The Particle Background plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11775 was published Dec 20, 2024

The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11297 was published Dec 20, 2024

The Embed Twine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-12509 was published Dec 20, 2024

The PKT1 Centro de envios plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2024-11806 was published Dec 20, 2024

The Spoki – Chat Buttons and WooCommerce Notifications plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11893 was published Dec 20, 2024

The Wtyczka SeoPilot dla WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-11812 was published Dec 20, 2024

The Outdooractive Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11774 was published Dec 20, 2024

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack... Moderate Unreviewed

CVE-2024-5955 was published Dec 20, 2024

Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This... Moderate Unreviewed

CVE-2024-12831 was published Dec 20, 2024

The PCRecruiter Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-11776 was published Dec 20, 2024

Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation... Moderate Unreviewed

CVE-2024-12678 was published Dec 20, 2024

Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to... Moderate Unreviewed

CVE-2024-54009 was published Dec 20, 2024

An assert may be triggered, causing a temporary denial of service when a peer device sends a... Moderate Unreviewed

CVE-2024-7138 was published Dec 19, 2024

Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow.... Moderate Unreviewed

CVE-2024-7139 was published Dec 19, 2024

The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the... Moderate Unreviewed

CVE-2024-7137 was published Dec 19, 2024

The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer... Moderate Unreviewed

CVE-2020-6923 was published Dec 19, 2024

IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to... Moderate Unreviewed

CVE-2024-51471 was published Dec 19, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

110,764 advisories