Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9,060 advisories

Loading
Browsershot Improper Input Validation vulnerability Moderate
CVE-2024-21549 was published for spatie/browsershot (Composer) Dec 20, 2024
Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to... Moderate Unreviewed
CVE-2024-54009 was published Dec 20, 2024
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is... Moderate Unreviewed
CVE-2024-12560 was published Dec 19, 2024
The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed
CVE-2024-10548 was published Dec 19, 2024
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content... Moderate Unreviewed
CVE-2024-11291 was published Dec 18, 2024
The Animation Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-12340 was published Dec 18, 2024
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-11295 was published Dec 18, 2024
The Accept Authorize.NET Payments Using Contact Form 7 plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12250 was published Dec 18, 2024
The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-10356 was published Dec 17, 2024
The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-11280 was published Dec 17, 2024
The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member... High Unreviewed
CVE-2024-8326 was published Dec 17, 2024
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11294 was published Dec 17, 2024
Some parameters of the alarm clock module are improperly stored, leaking some sensitive information. Moderate Unreviewed
CVE-2021-26281 was published Dec 17, 2024
Some parameters of the weather module are improperly stored, leaking some sensitive information. Moderate Unreviewed
CVE-2021-26279 was published Dec 17, 2024
Welcome and About GeoServer pages communicate version and revision information Moderate
CVE-2024-35230 was published for org.geoserver.web:gs-web-app (Maven) Dec 16, 2024
jodygarnett
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-12578 was published Dec 14, 2024
An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to... Moderate Unreviewed
CVE-2024-9945 was published Dec 13, 2024
This issue affects: Secomea GateManager Version 9.5 and all prior versions. Protection Mechanism... Low Unreviewed
CVE-2021-32007 was published Dec 13, 2024
http4k has a potential XXE (XML External Entity Injection) vulnerability Critical
CVE-2024-55875 was published for org.http4k:http4k-format-xml (Maven) Dec 12, 2024
JAckLosingHeart
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54118 was published Dec 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54119 was published Dec 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54117 was published Dec 12, 2024
Vulnerability of improper access control in the album module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-54103 was published Dec 12, 2024
Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse High
CVE-2024-4109 was published for io.undertow:undertow-core (Maven) Dec 12, 2024 withdrawn
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open... Moderate Unreviewed
CVE-2024-12564 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database