Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

8,928 advisories

Loading
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection... Moderate Unreviewed
CVE-2024-50312 was published Oct 22, 2024
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information... High Unreviewed
CVE-2024-9627 was published Oct 22, 2024
The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-9541 was published Oct 22, 2024
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-8852 was published Oct 22, 2024
secp256k1-node allows private key extraction over ECDH High
CVE-2024-48930 was published for secp256k1 (npm) Oct 21, 2024
ChALkeR jprichardson
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-9889 was published Oct 19, 2024
This vulnerability could be exploited, leading to unauthorized disclosure of information to... Moderate Unreviewed
CVE-2024-42508 was published Oct 18, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox... Moderate Unreviewed
CVE-2024-49284 was published Oct 17, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-7417 was published Oct 17, 2024
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-9540 was published Oct 16, 2024
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in... Moderate Unreviewed
CVE-2017-20194 was published Oct 16, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive... Moderate Unreviewed
CVE-2020-36835 was published Oct 16, 2024
Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room High
CVE-2024-47824 was published for matrix-react-sdk (npm) Oct 15, 2024
dkasak
Matrix JavaScript SDK's key history sharing could share keys to malicious devices High
CVE-2024-47080 was published for matrix-js-sdk (npm) Oct 15, 2024
dkasak
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-6757 was published Oct 15, 2024
The WPIDE – File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure... Moderate Unreviewed
CVE-2024-9546 was published Oct 15, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed
CVE-2024-45738 was published Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed
CVE-2024-45739 was published Oct 14, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed
CVE-2024-8902 was published Oct 12, 2024
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information... High Unreviewed
CVE-2024-9821 was published Oct 12, 2024
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker... Moderate Unreviewed
CVE-2024-9539 was published Oct 11, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line... Moderate Unreviewed
CVE-2024-39527 was published Oct 11, 2024
The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-9538 was published Oct 11, 2024
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2024-8913 was published Oct 11, 2024
Gradio has several components with post-process steps allow arbitrary file leaks Moderate
CVE-2024-47868 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database