Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

182 advisories

Loading
The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13552 was published Mar 7, 2025
The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet... Moderate Unreviewed
CVE-2024-13724 was published Mar 4, 2025
Information disclosure while deriving keys for a session for any Widevine use case. Moderate Unreviewed
CVE-2024-43051 was published Mar 3, 2025
A vulnerability, which was classified as problematic, has been found in SourceCodester Best... Moderate Unreviewed
CVE-2025-1607 was published Feb 24, 2025
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet... Moderate Unreviewed
CVE-2024-13692 was published Feb 14, 2025
The WP Booking Calendar plugin for WordPress is vulnerable to Unauthenticated Post-Confirmation... Moderate Unreviewed
CVE-2024-13821 was published Feb 12, 2025
A vulnerability was found in Shiprocket Module 3 on OpenCart. It has been rated as critical.... Moderate Unreviewed
CVE-2025-0580 was published Jan 20, 2025
The Download Manager plugin for WordPress is vulnerable to unauthorized download of password... Moderate Unreviewed
CVE-2024-11768 was published Dec 19, 2024
A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This... Moderate Unreviewed
CVE-2024-12483 was published Dec 12, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization... Moderate Unreviewed
CVE-2024-43729 was published Dec 11, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization... Moderate Unreviewed
CVE-2024-43731 was published Dec 11, 2024
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM)... Moderate Unreviewed
CVE-2020-3539 was published Nov 18, 2024
A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This... Moderate Unreviewed
CVE-2024-10598 was published Nov 1, 2024
Improper authorization in some Intel(R) PM software may allow a privileged user to potentially... Moderate Unreviewed
CVE-2023-38135 was published Oct 25, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Moderate Unreviewed
CVE-2024-9531 was published Oct 24, 2024
The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a... Moderate Unreviewed
CVE-2020-36841 was published Oct 16, 2024
Information disclosure while sending implicit broadcast containing APP launch information. Moderate Unreviewed
CVE-2024-38425 was published Oct 7, 2024
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low... Moderate Unreviewed
CVE-2024-20441 was published Oct 2, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been... Moderate Unreviewed
CVE-2024-9297 was published Sep 28, 2024
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow... Moderate Unreviewed
CVE-2024-20414 was published Sep 25, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-9082 was published Sep 22, 2024
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an... Moderate Unreviewed
CVE-2024-6840 was published Sep 12, 2024
Microsoft Outlook for iOS Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-43482 was published Sep 10, 2024
Windows Remote Desktop Licensing Service Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-38231 was published Sep 10, 2024
A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote... Moderate Unreviewed
CVE-2024-20497 was published Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database