GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,946
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,235
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,567

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,370 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and... Moderate Unreviewed

CVE-2024-12955 was published Dec 26, 2024

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages... Moderate Unreviewed

CVE-2024-12636 was published Dec 25, 2024

REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users... High Unreviewed

CVE-2024-56311 was published Dec 22, 2024

REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a... High Unreviewed

CVE-2024-56310 was published Dec 22, 2024

The Reactflow Visitor Recording and Heatmaps plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-11975 was published Dec 21, 2024

The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross... High Unreviewed

CVE-2024-12771 was published Dec 21, 2024

Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows... High Unreviewed

CVE-2024-37758 was published Dec 20, 2024

The Wtyczka SeoPilot dla WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-11812 was published Dec 20, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44293 was published Dec 20, 2024

GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin... High Unreviewed

CVE-2024-55088 was published Dec 18, 2024

Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data... Unknown Unreviewed

CVE-2024-55089 was published Dec 18, 2024

Atro CSRF Middleware Bypass (security.checkOrigin) Moderate

CVE-2024-56140 was published for astro (npm) Dec 18, 2024

The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12554 was published Dec 18, 2024

The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-12454 was published Dec 18, 2024

The Stop Registration Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12219 was published Dec 17, 2024

The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12220 was published Dec 17, 2024

The User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed

CVE-2024-12293 was published Dec 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal Stop Registration Spam allows Stored... High Unreviewed

CVE-2024-56017 was published Dec 17, 2024

A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers... High Unreviewed

CVE-2024-37774 was published Dec 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada:... Moderate Unreviewed

CVE-2024-54357 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This... High Unreviewed

CVE-2024-56015 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping allows Cross Site Request... Moderate Unreviewed

CVE-2024-56005 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)... Critical Unreviewed

CVE-2024-56012 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS.This issue... High Unreviewed

CVE-2024-54434 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari Amazon Product Price allows Stored... High Unreviewed

CVE-2024-54439 was published Dec 16, 2024

Previous 1 2 3 4 5 … 254 255 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,370 advisories