GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,015
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
727 advisories
Filter by severity
In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a...
High
Unreviewed
CVE-2017-13316
was published
Nov 27, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5...
High
Unreviewed
CVE-2024-8114
was published
Nov 26, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9941
was published
Nov 23, 2024
The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to...
High
Unreviewed
CVE-2024-8272
was published
Nov 25, 2024
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an...
High
Unreviewed
CVE-2024-0122
was published
Nov 23, 2024
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post...
High
Unreviewed
CVE-2024-11601
was published
Nov 22, 2024
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post...
High
Unreviewed
CVE-2024-11104
was published
Nov 22, 2024
Apache IoTDB grafana-connector contains an interface without authorization
High
CVE-2022-38370
was published
for
org.apache.iotdb:iotdb-grafana-connector
(Maven)
Sep 6, 2022
TOTOLINK EX200 V4.0.3c.7646_B20201211 does not contain an authentication mechanism by default.
High
Unreviewed
CVE-2024-31813
was published
Apr 8, 2024
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is...
High
Unreviewed
CVE-2024-11194
was published
Nov 19, 2024
Apache Airflow: Bypass permission verification to read code of other dags
High
CVE-2023-50944
was published
for
apache-airflow
(pip)
Jan 24, 2024
The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is...
High
Unreviewed
CVE-2024-10728
was published
Nov 16, 2024
In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission...
High
Unreviewed
CVE-2024-43088
was published
Nov 13, 2024
Vulnerability of improper permission control in the window management module.
Impact: Successful...
High
Unreviewed
CVE-2023-52713
was published
Apr 7, 2024
In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to...
High
Unreviewed
CVE-2024-43087
was published
Nov 13, 2024
In multiple locations, there is a possible permissions bypass due to a missing null check. This...
High
Unreviewed
CVE-2024-34719
was published
Nov 13, 2024
Missing Authorization vulnerability in KCT Ai Auto Tool Content Writing Assistant (Gemini Writer,...
High
Unreviewed
CVE-2024-52383
was published
Nov 14, 2024
Script security bypass vulnerability in Jenkins Shared Library Version Override Plugin
High
CVE-2024-52554
was published
for
io.jenkins.plugins:shared-library-version-override
(Maven)
Nov 13, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to privilege escalation due to...
High
Unreviewed
CVE-2024-10800
was published
Nov 13, 2024
The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
High
Unreviewed
CVE-2024-10629
was published
Nov 13, 2024
Erroneous authentication pass in Spring Security
High
CVE-2024-22257
was published
for
org.springframework.security:spring-security-core
(Maven)
Mar 18, 2024
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require...
High
Unreviewed
CVE-2021-34543
was published
Dec 8, 2021
The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
High
Unreviewed
CVE-2024-10673
was published
Nov 9, 2024
The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation...
High
Unreviewed
CVE-2024-10674
was published
Nov 9, 2024
ProTip!
Advisories are also available from the
GraphQL API