Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,444 advisories

Loading
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-13359 was published Mar 8, 2025
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2025-1323 was published Mar 8, 2025
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2024-11640 was published Mar 8, 2025
The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon plugin... High Unreviewed
CVE-2024-11087 was published Mar 8, 2025
The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-13908 was published Mar 8, 2025
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... High Unreviewed
CVE-2024-13882 was published Mar 8, 2025
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation... High Unreviewed
CVE-2024-13835 was published Mar 8, 2025
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up... High Unreviewed
CVE-2024-13890 was published Mar 8, 2025
Windows Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-36934 was published May 24, 2022
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu... High Unreviewed
CVE-2025-2097 was published Mar 8, 2025
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows... High Unreviewed
CVE-2025-27822 was published Mar 8, 2025
Incorrect access control in the KSRTC AWATAR app of Karnataka State Road Transport Corporation v1... High Unreviewed
CVE-2025-25381 was published Mar 6, 2025
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows unauthenticated attackers... High Unreviewed
CVE-2025-26167 was published Mar 6, 2025
VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs... High Unreviewed
CVE-2023-34045 was published Oct 20, 2023
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double... High Unreviewed
CVE-2024-57980 was published Feb 27, 2025
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2024-52924 was published Mar 6, 2025
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-2024 was published Mar 7, 2025
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of... High Unreviewed
CVE-2022-49720 was published Mar 7, 2025
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2024-52923 was published Mar 6, 2025
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC... High Unreviewed
CVE-2023-22421 was published Mar 6, 2023
systemd before 247 does not adequately block local privilege escalation for some Sudo... High Unreviewed
CVE-2023-26604 was published Mar 3, 2023
Horcrux Double Sign Possibility High
GHSA-6wxf-7784-62fp was published for github.com/strangelove-ventures/horcrux/v3 (Go) Mar 7, 2025
com.xwiki.confluencepro:application-confluence-migrator-pro-ui's application homepage is public High
CVE-2025-27604 was published for com.xwiki.confluencepro:application-confluence-migrator-pro-ui (Maven) Mar 7, 2025
Vue I18n Allows Prototype Pollution in `handleFlatJson` High
CVE-2025-27597 was published for @intlify/core (npm) Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database