GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,198
Composer 4,096
Erlang 29
GitHub Actions 19
Go 1,925
Maven 5,116
npm 3,654
NuGet 638
pip 3,263
Pub 10
RubyGems 873
Rust 823
Swift 35

Unreviewed advisories

All unreviewed 229,288

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

105,051 advisories

Filter by severity

Sort by

Least recently updated

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed

CVE-2024-8519 was published Oct 4, 2024

The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-9349 was published Oct 4, 2024

The Smart Custom 404 Error Page plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-9204 was published Oct 4, 2024

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed

CVE-2024-8520 was published Oct 4, 2024

The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-9372 was published Oct 4, 2024

The Popularis Extra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed

CVE-2024-9353 was published Oct 4, 2024

The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-9368 was published Oct 4, 2024

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2024-9345 was published Oct 4, 2024

The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2024-8804 was published Oct 4, 2024

The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-9384 was published Oct 4, 2024

The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for... Moderate Unreviewed

CVE-2024-9237 was published Oct 4, 2024

The Display Medium Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-9445 was published Oct 4, 2024

The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2024-9375 was published Oct 4, 2024

A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to... Moderate Unreviewed

CVE-2024-47854 was published Oct 4, 2024

The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-9242 was published Oct 4, 2024

The Login Logout Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-9421 was published Oct 4, 2024

The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use... Moderate Unreviewed

CVE-2024-8802 was published Oct 4, 2024

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22... Moderate Unreviewed

CVE-2024-22023 was published Apr 4, 2024

A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers to arbitrarily edit user... Moderate Unreviewed

CVE-2023-52060 was published Feb 13, 2024

Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted... Moderate Unreviewed

CVE-2024-45870 was published Oct 3, 2024

Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of... Moderate Unreviewed

CVE-2024-45871 was published Oct 3, 2024

Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. The vulnerability... Moderate Unreviewed

CVE-2024-45872 was published Oct 3, 2024

A Segmentation Fault issue discovered StreamSerializer::extractStreams function in... Moderate Unreviewed

CVE-2020-21723 was published Aug 22, 2023

DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users,... Moderate Unreviewed

CVE-2024-41584 was published Oct 3, 2024

DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by... Moderate Unreviewed

CVE-2024-41583 was published Oct 3, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

105,051 advisories