GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,674 advisories
Filter by severity
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2024-8349
was published
Sep 25, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8437
was published
Sep 25, 2024
The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8434
was published
Sep 25, 2024
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a...
Low
Unreviewed
CVE-2024-8350
was published
Sep 25, 2024
The Appointment & Event Booking Calendar Plugin – Webba Booking plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-8432
was published
Sep 24, 2024
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-7888
was published
Sep 13, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7...
Moderate
Unreviewed
CVE-2024-4660
was published
Sep 12, 2024
The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-7727
was published
Sep 11, 2024
The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-7721
was published
Sep 11, 2024
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app...
High
Unreviewed
CVE-2024-40652
was published
Sep 11, 2024
XWiki Platform document history including authors of any page exposed to unauthorized actors
Moderate
CVE-2024-45591
was published
for
org.xwiki.platform:xwiki-platform-rest-server
(Maven)
Sep 10, 2024
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8369
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to perform denial of service on any...
Moderate
Unreviewed
CVE-2024-45285
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to perform various actions, such as...
Moderate
Unreviewed
CVE-2024-44117
was published
Sep 10, 2024
An authenticated attacker with high privilege can use functions of SLCM transactions to which...
Low
Unreviewed
CVE-2024-45284
was published
Sep 10, 2024
Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an...
Moderate
Unreviewed
CVE-2024-44112
was published
Sep 10, 2024
Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin...
Moderate
Unreviewed
CVE-2024-45286
was published
Sep 10, 2024
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform...
Low
Unreviewed
CVE-2024-41728
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to add URLs to any user's workplace...
Moderate
Unreviewed
CVE-2024-44115
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to add any workbook to any user's...
Moderate
Unreviewed
CVE-2024-44116
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to delete the workplace favourites...
Moderate
Unreviewed
CVE-2024-42371
was published
Sep 10, 2024
The RFC enabled function module allows a low privileged user to read any user's workplace...
Moderate
Unreviewed
CVE-2024-42380
was published
Sep 10, 2024
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing...
Low
Unreviewed
CVE-2024-8042
was published
Sep 9, 2024
A missing authorization vulnerability allows a local low-privileged user on the machine to...
High
Unreviewed
CVE-2024-40709
was published
Sep 7, 2024
A missing authorization vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2023-39298
was published
Sep 6, 2024
ProTip!
Advisories are also available from the
GraphQL API