Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

123,312 advisories

Loading
The DWT - Directory & Listing WordPress Theme is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-0169 was published Feb 9, 2025
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0... Moderate Unreviewed
CVE-2024-54176 was published Feb 8, 2025
The Simple add pages or posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-13850 was published Feb 8, 2025
A vulnerability, which was classified as critical, was found in CoinRemitter 0.0.1/0.0.2 on... Moderate Unreviewed
CVE-2025-1117 was published Feb 8, 2025
A vulnerability, which was classified as critical, has been found in Dreamvention Live AJAX... Moderate Unreviewed
CVE-2025-1116 was published Feb 8, 2025
A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this... Moderate Unreviewed
CVE-2025-1115 was published Feb 8, 2025
A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the... Moderate Unreviewed
CVE-2025-1114 was published Feb 8, 2025
A vulnerability was found in taisan tarzan-cms up to 1.0.0. It has been rated as critical. This... Moderate Unreviewed
CVE-2025-1113 was published Feb 8, 2025
A reflected Cross-Site Scripting (XSS) vulnerability exists in /webscan/sqlmap/index.html in... Moderate Unreviewed
CVE-2024-57278 was published Feb 8, 2025
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in the LDAP User Manager... Moderate Unreviewed
CVE-2024-57279 was published Feb 8, 2025
An error when handling authorization related to the import / export interfaces on the RISC... Moderate Unreviewed
CVE-2021-41528 was published Feb 7, 2025
A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the... Moderate Unreviewed
CVE-2025-1106 was published Feb 7, 2025
Utilization of a module presented a security risk by allowing the deserialization of untrusted... Moderate Unreviewed
CVE-2021-27017 was published Feb 7, 2025
Connect-CMS Access control vulnerability Moderate
GHSA-5rjc-jc28-cwgg was published for opensource-workshop/connect-cms (Composer) Feb 7, 2025
xml2rfc has file inclusion irregularities Moderate
GHSA-432c-wxpg-m4q3 was published for xml2rfc (pip) Feb 7, 2025
Pimcore Admin Classic Bundle allows user enumeration Moderate
CVE-2025-24980 was published for pimcore/admin-ui-classic-bundle (Composer) Feb 7, 2025
Ayman-Rayan
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed
CVE-2025-1104 was published Feb 7, 2025
The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-9661 was published Feb 7, 2025
A vulnerability was found in SiberianCMS 4.20.6. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-1105 was published Feb 7, 2025
The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-7425 was published Feb 7, 2025
A use of hard-coded password vulnerability may allow authentication abuse.This issue affects ELI... Moderate Unreviewed
CVE-2022-26388 was published Feb 7, 2025
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is... Moderate Unreviewed
CVE-2024-10785 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals... Moderate Unreviewed
CVE-2025-25146 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API allows Cross Site Request... Moderate Unreviewed
CVE-2025-25103 was published Feb 7, 2025
Missing Authorization vulnerability in Melodic Media Slide Banners allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-25120 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database