GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
24,798 advisories
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
Critical | Unreviewed | CVE-2025-0177 was published Mar 8, 2025
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting...
Critical | Unreviewed | CVE-2025-27816 was published Mar 7, 2025
crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead() in /system...
Critical | Unreviewed | CVE-2025-25763 was published Mar 6, 2025
An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of...
Critical | Unreviewed | CVE-2025-25361 was published Mar 6, 2025
com.xwiki.confluencepro:application-confluence-migrator-pro-ui Remote Code Execution via unescaped translations
Critical | CVE-2025-27603 was published for com.xwiki.confluencepro:application-confluence-migrator-pro-ui (Maven) Mar 7, 2025
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8...
Critical | Unreviewed | CVE-2023-25358 was published Mar 2, 2023
An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows...
Critical | Unreviewed | CVE-2022-45553 was published Mar 3, 2023
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1872 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1873 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1875 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1871 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1869 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1870 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ...
Critical | Unreviewed | CVE-2025-1874 was published Mar 3, 2025
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in...
Critical | Unreviewed | CVE-2025-1315 was published Mar 7, 2025
The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege...
Critical | Unreviewed | CVE-2024-12876 was published Mar 7, 2025
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up...
Critical | Unreviewed | CVE-2025-1475 was published Mar 7, 2025
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...
Critical | Unreviewed | CVE-2025-0665 was published Feb 5, 2025
Fleet has SAML authentication vulnerability due to improper SAML response validation
Critical | CVE-2025-27509 was published for github.com/fleetdm/fleet/v4 (Go) Mar 6, 2025
Moodle Session Fixation vulnerability
Critical | CVE-2021-36394 was published for moodle/moodle (Composer) Mar 6, 2023
The DHVC Form plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
Critical | Unreviewed | CVE-2024-8420 was published Feb 28, 2025
A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL...
Critical | Unreviewed | CVE-2023-38547 was published Nov 14, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
Critical | Unreviewed | CVE-2023-22072 was published Oct 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
Critical | Unreviewed | CVE-2023-22069 was published Oct 18, 2023
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of...
Critical | Unreviewed | CVE-2023-27574 was published Mar 4, 2023
ProTip! Advisories are also available from the GraphQL API.