GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,279
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,421
Pub: 12
RubyGems: 891
Rust: 873
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
160 advisories
The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all...
Critical | Unreviewed | CVE-2024-11281 was published Dec 25, 2024

Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality...
Critical | Unreviewed | CVE-2024-54369 was published Dec 16, 2024

Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege...
Critical | Unreviewed | CVE-2024-54239 was published Dec 13, 2024

Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support...
Critical | Unreviewed | CVE-2022-46838 was published Dec 13, 2024

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build...
Critical | Unreviewed | CVE-2024-45493 was published Dec 10, 2024

Missing Authorization vulnerability in Envato Security Team Sweet Date. This issue affects Sweet...
Critical | Unreviewed | CVE-2024-43222 was published Dec 9, 2024

Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting...
Critical | Unreviewed | CVE-2023-32117 was published Dec 9, 2024

Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing...
Critical | Unreviewed | CVE-2024-53810 was published Dec 6, 2024

The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that...
Critical | Unreviewed | CVE-2024-12155 was published Dec 6, 2024

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2024-10542 was published Nov 26, 2024

NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon...
Critical | Unreviewed | CVE-2024-0138 was published Nov 23, 2024

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a...
Critical | Unreviewed | CVE-2024-52416 was published Nov 17, 2024

Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege...
Critical | Unreviewed | CVE-2024-52382 was published Nov 14, 2024

CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when...
Critical | Unreviewed | CVE-2024-10575 was published Nov 13, 2024

The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized...
Critical | Unreviewed | CVE-2024-10589 was published Nov 9, 2024

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
Critical | Unreviewed | CVE-2024-10586 was published Nov 9, 2024

sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin...
Critical | Unreviewed | CVE-2024-48073 was published Nov 9, 2024

Missing Authorization vulnerability in Szabolcs Szecsenyi PegaPoll allows Accessing Functionality...
Critical | Unreviewed | CVE-2024-50490 was published Oct 29, 2024

Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular...
Critical | Unreviewed | CVE-2024-50476 was published Oct 29, 2024

Missing Authorization vulnerability in Scott Gamon Signup Page allows Privilege Escalation. This...
Critical | Unreviewed | CVE-2024-50475 was published Oct 29, 2024

Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows...
Critical | Unreviewed | CVE-2024-48538 was published Oct 24, 2024

The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing...
Critical | Unreviewed | CVE-2018-25105 was published Oct 16, 2024

The SiteGround Optimizer plugin for WordPress is vulnerable to authorization bypass leading to...
Critical | Unreviewed | CVE-2019-25217 was published Oct 16, 2024

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a...
Critical | Unreviewed | CVE-2020-36837 was published Oct 16, 2024

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
Critical | Unreviewed | CVE-2024-21216 was published Oct 15, 2024