GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,944
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,055
Maven 5,234
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,569

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,499 advisories

Filter by severity

Sort by

Least recently updated

REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a... High Unreviewed

CVE-2024-56310 was published Dec 22, 2024

REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users... High Unreviewed

CVE-2024-56311 was published Dec 22, 2024

The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross... High Unreviewed

CVE-2024-12771 was published Dec 21, 2024

Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows... High Unreviewed

CVE-2024-37758 was published Dec 20, 2024

GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin... High Unreviewed

CVE-2024-55088 was published Dec 18, 2024

The User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed

CVE-2024-12293 was published Dec 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal Stop Registration Spam allows Stored... High Unreviewed

CVE-2024-56017 was published Dec 17, 2024

A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers... High Unreviewed

CVE-2024-37774 was published Dec 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This... High Unreviewed

CVE-2024-56015 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Aleksander Novikov Metrika allows Cross Site... High Unreviewed

CVE-2024-54420 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in onigetoc Add image to Post allows Stored XSS... High Unreviewed

CVE-2024-54428 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Prasad Patnaik WP Flipkart Importer... High Unreviewed

CVE-2024-54432 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Simple Booking Simple Booking Widget allows... High Unreviewed

CVE-2024-54433 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS.This issue... High Unreviewed

CVE-2024-54434 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari Amazon Product Price allows Stored... High Unreviewed

CVE-2024-54439 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Jettochkin Jet Footer Code allows Stored XSS... High Unreviewed

CVE-2024-54436 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Thomas Hoefter Onlywire Multi Autosubmitter... High Unreviewed

CVE-2024-54435 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in blueskyy WP-Ban-User allows Stored XSS.This... High Unreviewed

CVE-2024-54440 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in GAxx Gaxx Keywords allows Stored XSS.This... High Unreviewed

CVE-2024-54438 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Sheikh Heera WP Fiddle allows Stored XSS.This... High Unreviewed

CVE-2024-54393 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Antonio Gocaj Go Animate allows Stored XSS... High Unreviewed

CVE-2024-54397 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Matt Walters WordPress Filter allows Stored... High Unreviewed

CVE-2024-54391 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Midoks WP微信机器人 allows Stored XSS.This issue... High Unreviewed

CVE-2024-54392 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Web solution soft Mandrill WP allows Stored... High Unreviewed

CVE-2024-54394 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Project Caruso Flaming Forms allows Stored XSS... High Unreviewed

CVE-2024-54398 was published Dec 16, 2024

Previous 1 2 3 4 5 … 99 100 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,499 advisories