GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,537
Composer 4,454
Erlang 33
GitHub Actions 22
Go 2,153
Maven 5,330
npm 3,818
NuGet 693
pip 3,492
Pub 12
RubyGems 902
Rust 903
Swift 38

Unreviewed advisories

All unreviewed 246,969

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

124,950 advisories

Filter by severity

Sort by

Least recently updated

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory). Moderate Unreviewed

CVE-2025-27840 was published Mar 8, 2025

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request... Moderate Unreviewed

CVE-2024-13924 was published Mar 8, 2025

The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10326 was published Mar 8, 2025

The Gallery Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-1783 was published Mar 8, 2025

The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is... Moderate Unreviewed

CVE-2024-13675 was published Mar 8, 2025

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2024-13649 was published Mar 8, 2025

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-1324 was published Mar 8, 2025

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress... Moderate Unreviewed

CVE-2025-1664 was published Mar 8, 2025

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-1325 was published Mar 8, 2025

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-1322 was published Mar 8, 2025

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed

CVE-2025-1287 was published Mar 8, 2025

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... Moderate Unreviewed

CVE-2024-13816 was published Mar 8, 2025

The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed

CVE-2024-10321 was published Mar 8, 2025

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13640 was published Mar 8, 2025

The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’... Moderate Unreviewed

CVE-2024-13844 was published Mar 8, 2025

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for... Moderate Unreviewed

CVE-2024-12114 was published Mar 8, 2025

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for... Moderate Unreviewed

CVE-2024-12119 was published Mar 8, 2025

The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-13895 was published Mar 8, 2025

The Shortcode Cleaner Lite plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed

CVE-2025-1481 was published Mar 8, 2025

The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2025-1504 was published Mar 8, 2025

The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13774 was published Mar 8, 2025

The Years Since – Timeless Texts plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-12460 was published Mar 8, 2025

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based... Moderate Unreviewed

CVE-2025-1261 was published Mar 8, 2025

qcp has possible crash/DOS in some build configurations Moderate

GHSA-fmwf-c46w-r8qm was published for qcp (Rust) Mar 8, 2025

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It... Moderate Unreviewed

CVE-2025-27826 was published Mar 8, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

124,950 advisories