GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
8,911 advisories
Filter by severity
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack...
High
Unreviewed
CVE-2024-7010
was published
Oct 29, 2024
The Move Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10360
was published
Oct 29, 2024
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10312
was published
Oct 29, 2024
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere...
Low
Unreviewed
CVE-2024-30106
was published
Oct 29, 2024
The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10357
was published
Oct 26, 2024
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-10050
was published
Oct 24, 2024
A vulnerability, which was classified as problematic, was found in ZZCMS 2023. This affects an...
Moderate
Unreviewed
CVE-2024-10290
was published
Oct 23, 2024
The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure...
Moderate
Unreviewed
CVE-2024-9530
was published
Oct 23, 2024
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection...
Moderate
Unreviewed
CVE-2024-50312
was published
Oct 22, 2024
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information...
High
Unreviewed
CVE-2024-9627
was published
Oct 22, 2024
The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-9541
was published
Oct 22, 2024
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8852
was published
Oct 22, 2024
secp256k1-node allows private key extraction over ECDH
High
CVE-2024-48930
was published
for
secp256k1
(npm)
Oct 21, 2024
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-9889
was published
Oct 19, 2024
This vulnerability could be exploited, leading to unauthorized disclosure of information to...
Moderate
Unreviewed
CVE-2024-42508
was published
Oct 18, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox...
Moderate
Unreviewed
CVE-2024-49284
was published
Oct 17, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-7417
was published
Oct 17, 2024
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-9540
was published
Oct 16, 2024
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in...
Moderate
Unreviewed
CVE-2017-20194
was published
Oct 16, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive...
Moderate
Unreviewed
CVE-2020-36835
was published
Oct 16, 2024
Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
High
CVE-2024-47824
was published
for
matrix-react-sdk
(npm)
Oct 15, 2024
Matrix JavaScript SDK's key history sharing could share keys to malicious devices
High
CVE-2024-47080
was published
for
matrix-js-sdk
(npm)
Oct 15, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-6757
was published
Oct 15, 2024
The WPIDE – File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure...
Moderate
Unreviewed
CVE-2024-9546
was published
Oct 15, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes...
Moderate
Unreviewed
CVE-2024-45738
was published
Oct 14, 2024
ProTip!
Advisories are also available from the
GraphQL API