GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,300
Composer 4,359
Erlang 33
GitHub Actions 22
Go 2,124
Maven 5,300
npm 3,787
NuGet 683
pip 3,467
Pub 12
RubyGems 894
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,555

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

204 advisories

Filter by severity

Sort by

Least recently updated

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to... Critical Unreviewed

CVE-2024-9931 was published Oct 26, 2024

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed

CVE-2024-9930 was published Oct 26, 2024

The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed

CVE-2024-9890 was published Oct 26, 2024

This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper... Critical Unreviewed

CVE-2024-10381 was published Oct 25, 2024

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an... Critical Unreviewed

CVE-2024-47406 was published Oct 25, 2024

The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed

CVE-2024-9488 was published Oct 25, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl... High Unreviewed

CVE-2024-49675 was published Oct 23, 2024

The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and... High Unreviewed

CVE-2024-10002 was published Oct 22, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST... Critical Unreviewed

CVE-2024-49328 was published Oct 20, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple... Critical Unreviewed

CVE-2024-49604 was published Oct 20, 2024

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9861 was published Oct 17, 2024

The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed

CVE-2024-9893 was published Oct 16, 2024

: Authentication Bypass Using an Alternate Path or Channel vulnerability in sooskriszta, webforza... Critical Unreviewed

CVE-2024-49247 was published Oct 16, 2024

The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-9105 was published Oct 16, 2024

The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed

CVE-2024-9822 was published Oct 11, 2024

The WP Users Masquerade plugin for WordPress is vulnerable to authentication bypass in versions... High Unreviewed

CVE-2024-9522 was published Oct 10, 2024

The web server of affected devices do not properly authenticate user request to the '/ClientArea... Moderate Unreviewed

CVE-2024-46887 was published Oct 8, 2024

The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-8943 was published Oct 8, 2024

The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-9289 was published Oct 1, 2024

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions... Critical Unreviewed

CVE-2024-9106 was published Oct 1, 2024

The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up... High Unreviewed

CVE-2024-7781 was published Sep 26, 2024

An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full... Critical Unreviewed

CVE-2024-43692 was published Sep 25, 2024

The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass... Critical Unreviewed

CVE-2024-8277 was published Sep 11, 2024

An authentication bypass weakness in the message broker service of Ivanti Workspace Control... High Unreviewed

CVE-2024-8012 was published Sep 10, 2024

The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication... High Unreviewed

CVE-2024-41173 was published Aug 27, 2024

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

204 advisories