GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
218 advisories
Filter by severity
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
Critical
Unreviewed
CVE-2024-8853
was published
Sep 20, 2024
An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to...
Critical
Unreviewed
CVE-2024-44893
was published
Sep 10, 2024
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to...
Critical
Unreviewed
CVE-2024-7493
was published
Sep 6, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative...
Critical
Unreviewed
CVE-2024-36439
was published
Aug 22, 2024
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could...
Critical
Unreviewed
CVE-2024-33872
was published
Aug 20, 2024
Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege...
Critical
Unreviewed
CVE-2024-43311
was published
Aug 19, 2024
Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege...
Critical
Unreviewed
CVE-2024-43240
was published
Aug 19, 2024
Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-43245
was published
Aug 19, 2024
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network...
Critical
Unreviewed
CVE-2024-21807
was published
Aug 14, 2024
Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-43153
was published
Aug 13, 2024
Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-43121
was published
Aug 13, 2024
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule...
Critical
Unreviewed
CVE-2024-38770
was published
Aug 1, 2024
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-37858
was published
Jul 29, 2024
A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the...
Critical
Unreviewed
CVE-2023-4976
was published
Jul 17, 2024
Improper Privilege Management vulnerability in NooTheme Jobmonster allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-37927
was published
Jul 12, 2024
Microsoft Defender for IoT Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-38089
was published
Jul 9, 2024
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote...
Critical
Unreviewed
CVE-2024-27710
was published
Jul 5, 2024
When generating the systemd service units for the docker snap (and other similar snaps), snapd...
Critical
Unreviewed
CVE-2020-27352
was published
Jun 21, 2024
Incorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows...
Critical
Unreviewed
CVE-2024-33374
was published
Jun 14, 2024
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-35700
was published
Jun 4, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0...
Critical
Unreviewed
CVE-2024-33226
was published
May 22, 2024
Improper Privilege Management vulnerability in UkrSolution Barcode Scanner with Inventory & Order...
Critical
Unreviewed
CVE-2024-33567
was published
May 17, 2024
Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege...
Critical
Unreviewed
CVE-2024-31290
was published
May 17, 2024
Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-22157
was published
May 17, 2024
Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-33552
was published
May 17, 2024
ProTip!
Advisories are also available from the
GraphQL API