Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,444 advisories

Loading
The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2025-0959 was published Mar 7, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9658 was published Mar 7, 2025
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed
CVE-2025-1309 was published Mar 7, 2025
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a... High Unreviewed
CVE-2025-26331 was published Mar 7, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed
CVE-2024-12837 was published Mar 7, 2025
The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for... High Unreviewed
CVE-2024-13906 was published Mar 7, 2025
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-10804 was published Mar 7, 2025
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-12035 was published Mar 7, 2025
The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed
CVE-2024-12036 was published Mar 7, 2025
The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13320 was published Mar 7, 2025
The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2024-13655 was published Mar 7, 2025
The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and... High Unreviewed
CVE-2025-0749 was published Mar 7, 2025
DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api High
GHSA-vc29-vg52-6643 was published for OpenTelemetry.AutoInstrumentation (NuGet) Mar 6, 2025
Out-of-bounds Write in SixLabors ImageSharp High
CVE-2025-27598 was published for SixLabors.ImageSharp (NuGet) Mar 6, 2025
andreas-eriksson
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows unauthenticated attackers... High Unreviewed
CVE-2025-26167 was published Mar 6, 2025
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080,... High Unreviewed
CVE-2024-50600 was published Mar 6, 2025
Incorrect access control in the KSRTC AWATAR app of Karnataka State Road Transport Corporation v1... High Unreviewed
CVE-2025-25381 was published Mar 6, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25823 was published Mar 6, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25825 was published Mar 6, 2025
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2024-52923 was published Mar 6, 2025
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2024-52924 was published Mar 6, 2025
A deserialization of untrusted data vulnerability exists in NI G Web Development Software that... High Unreviewed
CVE-2024-12742 was published Mar 6, 2025
ServiceNow has addressed an authorization bypass vulnerability that was identified in the... High Unreviewed
CVE-2025-0337 was published Mar 6, 2025
IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote... High Unreviewed
CVE-2024-51476 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database