Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

719 advisories

Loading
WeGIA 3.2.0 before 3998672 does not verify permission to change a password. High Unreviewed
CVE-2024-53473 was published Dec 8, 2024
Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly... High Unreviewed
CVE-2023-48758 was published Jan 2, 2025
Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly... High Unreviewed
CVE-2023-47648 was published Jan 2, 2025
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 allows... High Unreviewed
CVE-2023-47693 was published Jan 2, 2025
Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly... High Unreviewed
CVE-2023-46632 was published Jan 2, 2025
Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly... High Unreviewed
CVE-2023-47224 was published Jan 2, 2025
Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly... High Unreviewed
CVE-2023-47179 was published Jan 2, 2025
Missing Authorization vulnerability in WPDeveloper BetterLinks allows Exploiting Incorrectly... High Unreviewed
CVE-2023-45104 was published Jan 2, 2025
Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly... High Unreviewed
CVE-2024-56070 was published Dec 31, 2024
Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly... High Unreviewed
CVE-2024-56067 was published Dec 31, 2024
Missing Authorization vulnerability in Webful Creations Computer Repair Shop allows Privilege... High Unreviewed
CVE-2024-56061 was published Dec 31, 2024
Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a... High Unreviewed
CVE-2024-56211 was published Dec 31, 2024
The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is... High Unreviewed
CVE-2024-12881 was published Dec 24, 2024
The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url ,... High Unreviewed
CVE-2024-12594 was published Dec 24, 2024
Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not... High Unreviewed
CVE-2024-56048 was published Dec 18, 2024
Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects... High Unreviewed
CVE-2024-54381 was published Dec 18, 2024
In the development options section of the Settings app, there is a possible authentication bypass... High Unreviewed
CVE-2018-9477 was published Nov 20, 2024
In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut... High Unreviewed
CVE-2018-9469 was published Nov 20, 2024
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings... High Unreviewed
CVE-2017-13314 was published Nov 16, 2024
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality... High Unreviewed
CVE-2024-56008 was published Dec 18, 2024
The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation... High Unreviewed
CVE-2024-12259 was published Dec 18, 2024
In multiple locations, there is a possible permissions bypass due to a missing null check. This... High Unreviewed
CVE-2024-34719 was published Nov 13, 2024
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to... High Unreviewed
CVE-2024-40661 was published Nov 13, 2024
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed
CVE-2024-40650 was published Sep 11, 2024
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary... High Unreviewed
CVE-2024-40671 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database