Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110,823 advisories

Loading
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and... Moderate Unreviewed
CVE-2024-11852 was published Dec 22, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-51463 was published Dec 21, 2024
A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2024-12884 was published Dec 21, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By... Moderate Unreviewed
CVE-2024-51464 was published Dec 21, 2024
A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-12883 was published Dec 21, 2024
The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12558 was published Dec 21, 2024
The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress... Moderate Unreviewed
CVE-2024-12875 was published Dec 21, 2024
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2024-12591 was published Dec 21, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-10453 was published Dec 21, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2024-11722 was published Dec 21, 2024
The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST... Moderate Unreviewed
CVE-2024-12408 was published Dec 21, 2024
The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver'... Moderate Unreviewed
CVE-2024-11688 was published Dec 21, 2024
The Reactflow Visitor Recording and Heatmaps plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2024-11975 was published Dec 21, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-12588 was published Dec 21, 2024
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the... Moderate Unreviewed
CVE-2024-11287 was published Dec 21, 2024
The G Web Pro Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-11682 was published Dec 21, 2024
The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce... Moderate Unreviewed
CVE-2024-11938 was published Dec 21, 2024
The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-11196 was published Dec 21, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-9545 was published Dec 21, 2024
The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-10797 was published Dec 21, 2024
The real.Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up... Moderate Unreviewed
CVE-2024-12697 was published Dec 21, 2024
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-12262 was published Dec 21, 2024
The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id'... Moderate Unreviewed
CVE-2024-12635 was published Dec 21, 2024
The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-11808 was published Dec 21, 2024
A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1.... Moderate Unreviewed
CVE-2024-12846 was published Dec 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database