GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,006
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,065
Maven 5,241
npm 3,744
NuGet 668
pip 3,425
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 240,043

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

111,906 advisories

Filter by severity

Sort by

Least recently updated

The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-11830 was published Jan 8, 2025

The Shipping via Planzer for WooCommerce plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-12337 was published Jan 8, 2025

The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-12712 was published Jan 8, 2025

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-12584 was published Jan 8, 2025

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress... Moderate Unreviewed

CVE-2024-12045 was published Jan 8, 2025

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-12852 was published Jan 8, 2025

The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-9673 was published Jan 8, 2025

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and... Moderate Unreviewed

CVE-2024-12851 was published Jan 8, 2025

A vulnerability has been found in VIWIS LMS 9.11 and classified as problematic. Affected by this... Moderate Unreviewed

CVE-2024-8002 was published Jan 8, 2025

The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2024-12855 was published Jan 8, 2025

The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-12328 was published Jan 8, 2025

The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some... Moderate Unreviewed

CVE-2024-13186 was published Jan 8, 2025

The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some... Moderate Unreviewed

CVE-2024-13185 was published Jan 8, 2025

The health module has insufficient restrictions on loading URLs, which may lead to some... Moderate Unreviewed

CVE-2024-13173 was published Jan 8, 2025

VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious... Moderate Unreviewed

CVE-2025-22215 was published Jan 8, 2025

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-12205 was published Jan 8, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine... Moderate Unreviewed

CVE-2024-56456 was published Jan 8, 2025

The InfiniteWP Client plugin for WordPress is vulnerable to Path Traversal in all versions up to,... Moderate Unreviewed

CVE-2024-10585 was published Jan 8, 2025

Vulnerability of improper access control in the home screen widget module Impact: Successful... Moderate Unreviewed

CVE-2024-56448 was published Jan 8, 2025

cpdf through 2.8 allows stack consumption via a crafted PDF document. Moderate Unreviewed

CVE-2024-54731 was published Jan 8, 2025

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this... Moderate Unreviewed

CVE-2024-56449 was published Jan 8, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine... Moderate Unreviewed

CVE-2024-56454 was published Jan 8, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine... Moderate Unreviewed

CVE-2024-56452 was published Jan 8, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine... Moderate Unreviewed

CVE-2024-56453 was published Jan 8, 2025

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of... Moderate Unreviewed

CVE-2024-56450 was published Jan 8, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

111,906 advisories