Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

385 advisories

Loading
The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13552 was published Mar 7, 2025
Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10... Moderate Unreviewed
CVE-2023-42541 was published Nov 14, 2023
The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet... Moderate Unreviewed
CVE-2024-13724 was published Mar 4, 2025
Information disclosure while deriving keys for a session for any Widevine use case. Moderate Unreviewed
CVE-2024-43051 was published Mar 3, 2025
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet... Moderate Unreviewed
CVE-2024-13692 was published Feb 14, 2025
A vulnerability, which was classified as problematic, has been found in SourceCodester Best... Moderate Unreviewed
CVE-2025-1607 was published Feb 24, 2025
The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information... High Unreviewed
CVE-2025-1361 was published Feb 22, 2025
A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-4819 was published May 14, 2024
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows... High Unreviewed
CVE-2022-3787 was published Mar 29, 2023
The WP Booking Calendar plugin for WordPress is vulnerable to Unauthenticated Post-Confirmation... Moderate Unreviewed
CVE-2024-13821 was published Feb 12, 2025
The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in... High Unreviewed
CVE-2024-7624 was published Aug 15, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21400 was published Feb 11, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... High Unreviewed
CVE-2025-24418 was published Feb 11, 2025
Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all... Moderate Unreviewed
CVE-2023-1167 was published Apr 5, 2023
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid... Critical Unreviewed
CVE-2025-20125 was published Feb 5, 2025
The WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features)... High Unreviewed
CVE-2024-13694 was published Jan 30, 2025
The Single-user-chat plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed
CVE-2024-13646 was published Jan 30, 2025
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of... Moderate Unreviewed
CVE-2023-28318 was published May 10, 2023
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the... Moderate Unreviewed
CVE-2023-28317 was published May 10, 2023
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to... Moderate Unreviewed
CVE-2023-28325 was published May 12, 2023
A vulnerability, which was classified as critical, has been found in SourceCodester Computer... Moderate Unreviewed
CVE-2024-3139 was published Apr 2, 2024
A vulnerability was found in Shiprocket Module 3 on OpenCart. It has been rated as critical.... Moderate Unreviewed
CVE-2025-0580 was published Jan 20, 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21348 was published Jan 14, 2025
Windows App Package Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21275 was published Jan 14, 2025
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could... Low Unreviewed
CVE-2020-9081 was published Dec 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database