GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
346 advisories
Filter by severity
Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view...
Moderate
Unreviewed
CVE-2023-0967
was published
Apr 5, 2023
The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate
Unreviewed
CVE-2025-0661
was published
Feb 13, 2025
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress...
Moderate
Unreviewed
CVE-2024-13601
was published
Feb 12, 2025
The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
Moderate
Unreviewed
CVE-2023-6897
was published
Apr 18, 2024
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4,...
Moderate
Unreviewed
CVE-2023-1417
was published
Apr 5, 2023
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-6410
was published
Jul 10, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This...
Moderate
Unreviewed
CVE-2024-32683
was published
Apr 19, 2024
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate
Unreviewed
CVE-2023-6969
was published
Mar 13, 2024
The Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time plugin for...
Moderate
Unreviewed
CVE-2024-13841
was published
Feb 7, 2025
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing...
Moderate
Unreviewed
CVE-2022-48313
was published
Apr 16, 2023
Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider...
Moderate
Unreviewed
CVE-2024-33542
was published
Apr 29, 2024
The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget,...
Moderate
Unreviewed
CVE-2024-10696
was published
Feb 5, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This...
Moderate
Unreviewed
CVE-2024-31291
was published
Apr 7, 2024
The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object...
Moderate
Unreviewed
CVE-2024-13457
was published
Jan 30, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This...
Moderate
Unreviewed
CVE-2024-32772
was published
Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This...
Moderate
Unreviewed
CVE-2024-32808
was published
Apr 24, 2024
The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object...
Moderate
Unreviewed
CVE-2024-12046
was published
Feb 4, 2025
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-13607
was published
Feb 4, 2025
Authorization Bypass Through User-Controlled Key vulnerability in NirWp Team Nirweb support. This...
Moderate
Unreviewed
CVE-2025-22695
was published
Feb 3, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Moderate
Unreviewed
CVE-2024-13428
was published
Feb 1, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Moderate
Unreviewed
CVE-2024-13372
was published
Feb 1, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Moderate
Unreviewed
CVE-2024-13425
was published
Feb 1, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Moderate
Unreviewed
CVE-2024-13429
was published
Feb 1, 2025
The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate
Unreviewed
CVE-2024-12102
was published
Jan 30, 2025
A vulnerability, which was classified as critical, has been found in SourceCodester Computer...
Moderate
Unreviewed
CVE-2024-3139
was published
Apr 2, 2024
ProTip!
Advisories are also available from the
GraphQL API