GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,554

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,721 advisories

Filter by severity

Sort by

Least recently updated

Indico Insecure Access Moderate

CVE-2024-50633 was published for indico (pip) Jan 16, 2025

The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to... Moderate Unreviewed

CVE-2024-12427 was published Jan 16, 2025

The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due... High Unreviewed

CVE-2024-12614 was published Jan 16, 2025

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1... Moderate Unreviewed

CVE-2024-54470 was published Jan 15, 2025

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and... Low Unreviewed

CVE-2024-40839 was published Jan 15, 2025

An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a... High Unreviewed

CVE-2024-50953 was published Jan 15, 2025

Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality... Moderate Unreviewed

CVE-2025-22787 was published Jan 15, 2025

Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22779 was published Jan 15, 2025

Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality... Moderate Unreviewed

CVE-2025-22737 was published Jan 15, 2025

Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting... Moderate Unreviewed

CVE-2025-22729 was published Jan 15, 2025

Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2024-56295 was published Jan 15, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a... High Unreviewed

CVE-2024-11848 was published Jan 15, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due... Moderate Unreviewed

CVE-2024-11851 was published Jan 15, 2025

XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing Critical

CVE-2025-23025 was published for org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui (Maven) Jan 14, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12006 was published Jan 14, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed

CVE-2024-12365 was published Jan 14, 2025

An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary... Moderate Unreviewed

CVE-2025-0068 was published Jan 14, 2025

Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server... Moderate Unreviewed

CVE-2025-0067 was published Jan 14, 2025

Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22800 was published Jan 13, 2025

The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... Moderate Unreviewed

CVE-2024-12204 was published Jan 11, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12606 was published Jan 10, 2025

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue... Unknown Unreviewed

CVE-2024-13312 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13303 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13243 was published Jan 9, 2025

Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting... Moderate Unreviewed

CVE-2025-22561 was published Jan 9, 2025

Previous 1 2 3 4 5 6 … 148 149 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,721 advisories