GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,056
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,613
NuGet: 638
pip: 3,210
Pub: 10
RubyGems: 854
Rust: 817
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
227,729 advisories
Cross-site Scripting (XSS) vulnerability in idoit pro version 28. This vulnerability allows an...
Moderate | Unreviewed | CVE-2024-8750 was published Sep 12, 2024

SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker...
High | Unreviewed | CVE-2024-8749 was published Sep 12, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE...
High | Unreviewed | CVE-2024-2010 was published Sep 12, 2024

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the...
Critical | Unreviewed | CVE-2024-8522 was published Sep 12, 2024

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the...
Critical | Unreviewed | CVE-2024-8529 was published Sep 12, 2024

The amCharts: Charts and Maps plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate | Unreviewed | CVE-2024-8622 was published Sep 12, 2024

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $_SERVER['REQUEST_URI']...
Unknown | Unreviewed | CVE-2024-8056 was published Sep 12, 2024

The ILC Thickbox WordPress plugin through 1.0 does not have CSRF check in place when updating its...
Unknown | Unreviewed | CVE-2024-7820 was published Sep 12, 2024

The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF check in some places,...
Unknown | Unreviewed | CVE-2024-7818 was published Sep 12, 2024

The Adicon Server WordPress plugin through 1.2 does not sanitize and escape a parameter before...
Unknown | Unreviewed | CVE-2024-7766 was published Sep 12, 2024

The Visual Sound WordPress plugin through 1.03 does not have CSRF check in place when updating...
Unknown | Unreviewed | CVE-2024-7859 was published Sep 12, 2024

The Gixaw Chat WordPress plugin through 1.0 does not have CSRF check in some places, and is...
Unknown | Unreviewed | CVE-2024-7816 was published Sep 12, 2024

The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places,...
Unknown | Unreviewed | CVE-2024-7817 was published Sep 12, 2024

The Quick Code WordPress plugin through 1.0 does not have CSRF check in some places, and is...
Unknown | Unreviewed | CVE-2024-7822 was published Sep 12, 2024

The MM-Breaking News WordPress plugin through 0.7.9 does not have CSRF check in some places, and...
Unknown | Unreviewed | CVE-2024-8054 was published Sep 12, 2024

The Simple Headline Rotator WordPress plugin through 1.0 does not have CSRF check in some places,...
Unknown | Unreviewed | CVE-2024-7860 was published Sep 12, 2024

The Misiek Paypal WordPress plugin through 1.1.20090324 does not have CSRF check in some places,...
Unknown | Unreviewed | CVE-2024-7861 was published Sep 12, 2024

The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in...
Unknown | Unreviewed | CVE-2024-7862 was published Sep 12, 2024

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a...
Unknown | Unreviewed | CVE-2024-45624 was published Sep 12, 2024

The Giveaways and Contests by RafflePress WordPress plugin before 1.12.16 does not sanitise and...
Unknown | Unreviewed | CVE-2024-6887 was published Sep 12, 2024

The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting...
Unknown | Unreviewed | CVE-2024-3163 was published Sep 12, 2024

The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its...
Unknown | Unreviewed | CVE-2024-5799 was published Sep 12, 2024

The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places,...
Unknown | Unreviewed | CVE-2024-6017 was published Sep 12, 2024

The Music Request Manager WordPress plugin through 1.3 does not sanitise and escape incoming...
Unknown | Unreviewed | CVE-2024-6019 was published Sep 12, 2024

A vulnerability, which was classified as problematic, has been found in SourceCodester Food...
Moderate | Unreviewed | CVE-2024-8711 was published Sep 12, 2024
ProTip! Advisories are also available from the GraphQL API.