Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,449 advisories

Loading
Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege... High Unreviewed
CVE-2025-27255 was published Mar 10, 2025
Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication... High Unreviewed
CVE-2025-27254 was published Mar 10, 2025
Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup... High Unreviewed
CVE-2025-27256 was published Mar 10, 2025
Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP)... High Unreviewed
CVE-2024-43107 was published Mar 10, 2025
Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration... High Unreviewed
CVE-2024-41724 was published Mar 10, 2025
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2024-11640 was published Mar 8, 2025
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-13359 was published Mar 8, 2025
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2025-1323 was published Mar 8, 2025
The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon plugin... High Unreviewed
CVE-2024-11087 was published Mar 8, 2025
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... High Unreviewed
CVE-2024-13882 was published Mar 8, 2025
The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-13908 was published Mar 8, 2025
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation... High Unreviewed
CVE-2024-13835 was published Mar 8, 2025
The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up... High Unreviewed
CVE-2024-13890 was published Mar 8, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu... High Unreviewed
CVE-2025-2097 was published Mar 8, 2025
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows... High Unreviewed
CVE-2025-27822 was published Mar 8, 2025
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-2024 was published Mar 7, 2025
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of... High Unreviewed
CVE-2022-49720 was published Mar 7, 2025
Horcrux Double Sign Possibility High
GHSA-6wxf-7784-62fp was published for github.com/strangelove-ventures/horcrux/v3 (Go) Mar 7, 2025
IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE... High Unreviewed
CVE-2025-0162 was published Mar 7, 2025
An improper certificate validation vulnerability has been reported to affect Helpdesk. If... High Unreviewed
CVE-2024-50394 was published Mar 7, 2025
A command injection vulnerability has been reported to affect QHora. If exploited, the... High Unreviewed
CVE-2024-50390 was published Mar 7, 2025
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported... High Unreviewed
CVE-2024-53693 was published Mar 7, 2025
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been reported to affect... High Unreviewed
CVE-2024-53694 was published Mar 7, 2025
Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability High
CVE-2025-24043 was published for dotnet-debugger-extensions (NuGet) Mar 7, 2025
hoyosjs
com.xwiki.confluencepro:application-confluence-migrator-pro-ui's application homepage is public High
CVE-2025-27604 was published for com.xwiki.confluencepro:application-confluence-migrator-pro-ui (Maven) Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database