GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
111,012 advisories
Filter by severity
The Brizy – Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-6254
was published
Aug 8, 2024
The Orchid Store theme for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-6987
was published
Aug 8, 2024
The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to DOM...
Moderate
Unreviewed
CVE-2024-5668
was published
Aug 8, 2024
The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-6824
was published
Aug 8, 2024
The Fuse Social Floating Sidebar plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-5226
was published
Aug 8, 2024
The Falang multilanguage for WordPress plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-6869
was published
Aug 8, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-6552
was published
Aug 8, 2024
Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows...
Moderate
Unreviewed
CVE-2024-21302
was published
Aug 8, 2024
A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in...
Moderate
Unreviewed
CVE-2024-41239
was published
Aug 7, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20443
was published
Aug 7, 2024
Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The...
Moderate
Unreviewed
CVE-2024-7061
was published
Aug 7, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20479
was published
Aug 7, 2024
Pulp incorrectly assigns RBAC permissions in tasks that create objects
Moderate
CVE-2024-7143
was published
for
pulpcore
(pip)
Aug 7, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in...
Moderate
Unreviewed
CVE-2024-41242
was published
Aug 7, 2024
An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue...
Moderate
Unreviewed
CVE-2024-41432
was published
Aug 7, 2024
An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php...
Moderate
Unreviewed
CVE-2024-41252
was published
Aug 7, 2024
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified...
Moderate
Unreviewed
CVE-2024-7578
was published
Aug 7, 2024
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as...
Moderate
Unreviewed
CVE-2024-7579
was published
Aug 7, 2024
Jenkins does not perform a permission check in an HTTP endpoint
Moderate
CVE-2024-43045
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Aug 7, 2024
Django vulnerable to denial-of-service attack
Moderate
CVE-2024-41991
was published
for
Django
(pip)
Aug 7, 2024
Django vulnerable to a denial-of-service attack
Moderate
CVE-2024-41990
was published
for
Django
(pip)
Aug 7, 2024
Django memory consumption vulnerability
Moderate
CVE-2024-41989
was published
for
Django
(pip)
Aug 7, 2024
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been rated as...
Moderate
Unreviewed
CVE-2024-7580
was published
Aug 7, 2024
The Organization chart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-7355
was published
Aug 7, 2024
The Accept Stripe Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-7353
was published
Aug 7, 2024
ProTip! Advisories are also available from the GraphQL API