GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,350
Composer 4,652
Erlang 34
GitHub Actions 26
Go 2,257
Maven 5,512
npm 3,909
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,217

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

118,965 advisories

Filter by severity

Sort by

Least recently updated

The Constant Contact Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-9614 was published Nov 13, 2024

The AJAX Login and Registration modal popup + inline form plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-8874 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-10529 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-10531 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-10530 was published Nov 13, 2024

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2024-10882 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-11143 was published Nov 13, 2024

The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More... Moderate Unreviewed

CVE-2024-10593 was published Nov 13, 2024

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-10684 was published Nov 13, 2024

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local... Moderate Unreviewed

CVE-2024-38654 was published Nov 13, 2024

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10854 was published Nov 13, 2024

The NiceJob plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the... Moderate Unreviewed

CVE-2024-10887 was published Nov 13, 2024

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10853 was published Nov 13, 2024

The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is... Moderate Unreviewed

CVE-2024-10686 was published Nov 13, 2024

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2024-10038 was published Nov 13, 2024

The 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标签、等多项功能。开源插件 plugin for WordPress is... Moderate Unreviewed

CVE-2024-10577 was published Nov 13, 2024

The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10717 was published Nov 13, 2024

The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10778 was published Nov 13, 2024

The Razorpay Payment Button Elementor Plugin plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2024-10850 was published Nov 13, 2024

The Razorpay Payment Button Plugin plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-10851 was published Nov 13, 2024

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data... Moderate Unreviewed

CVE-2024-10852 was published Nov 13, 2024

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi... Moderate Unreviewed

CVE-2021-27701 was published Nov 13, 2024

Sercomm Model Etisalat Model S3- AC2100 is affected by Cross Site Scripting (XSS) via the... Moderate Unreviewed

CVE-2021-27703 was published Nov 13, 2024

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed

CVE-2024-11168 was published Nov 13, 2024

Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink... Moderate Unreviewed

CVE-2024-28731 was published Nov 13, 2024

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

118,965 advisories