GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,663 advisories
Filter by severity
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages...
Moderate
Unreviewed
CVE-2024-12636
was published
Dec 25, 2024
REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users...
High
Unreviewed
CVE-2024-56311
was published
Dec 22, 2024
REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a...
High
Unreviewed
CVE-2024-56310
was published
Dec 22, 2024
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross...
High
Unreviewed
CVE-2024-12771
was published
Dec 21, 2024
The Reactflow Visitor Recording and Heatmaps plugin for WordPress is vulnerable to Cross-Site...
Moderate
Unreviewed
CVE-2024-11975
was published
Dec 21, 2024
Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data...
Unknown
Unreviewed
CVE-2024-55089
was published
Dec 18, 2024
GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin...
High
Unreviewed
CVE-2024-55088
was published
Dec 18, 2024
Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows...
High
Unreviewed
CVE-2024-37758
was published
Dec 20, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-44293
was published
Dec 20, 2024
The Wtyczka SeoPilot dla WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-11812
was published
Dec 20, 2024
The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Cross-Site...
Moderate
Unreviewed
CVE-2024-12454
was published
Dec 18, 2024
The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-12554
was published
Dec 18, 2024
A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers...
High
Unreviewed
CVE-2024-37774
was published
Dec 17, 2024
The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-12220
was published
Dec 17, 2024
The User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High
Unreviewed
CVE-2024-12293
was published
Dec 17, 2024
The Stop Registration Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-12219
was published
Dec 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal Stop Registration Spam allows Stored...
High
Unreviewed
CVE-2024-56017
was published
Dec 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada:...
Moderate
Unreviewed
CVE-2024-54357
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This...
High
Unreviewed
CVE-2024-56015
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping allows Cross Site Request...
Moderate
Unreviewed
CVE-2024-56005
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)...
Critical
Unreviewed
CVE-2024-56012
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ivan Ovsyannikov Aphorismus allows Stored XSS...
High
Unreviewed
CVE-2024-54429
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Prasad Patnaik WP Flipkart Importer...
High
Unreviewed
CVE-2024-54432
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Andy Fradelakis LeaderBoard Plugin allows...
High
Unreviewed
CVE-2024-54426
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Bastien Ho EELV Newsletter allows Cross Site...
Moderate
Unreviewed
CVE-2024-54430
was published
Dec 16, 2024
ProTip!
Advisories are also available from the
GraphQL API