Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

264,449 advisories

Loading
The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up... Moderate Unreviewed
CVE-2025-0365 was published Feb 1, 2025
The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code... High Unreviewed
CVE-2025-0366 was published Feb 1, 2025
The WordPress Email Newsletter WordPress plugin through 1.1 does not sanitise and escape a... Unknown Unreviewed
CVE-2024-13098 was published Feb 1, 2025
The WP Finance WordPress plugin through 1.3.6 does not sanitise and escape a parameter before... Unknown Unreviewed
CVE-2024-13097 was published Feb 1, 2025
The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings... Moderate Unreviewed
CVE-2024-12041 was published Feb 1, 2025
The AnimateGL Animations for WordPress – Elementor & Gutenberg Blocks Animations plugin for... Moderate Unreviewed
CVE-2024-12620 was published Feb 1, 2025
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path... High Unreviewed
CVE-2024-51534 was published Feb 1, 2025
Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer... Low Unreviewed
CVE-2024-53296 was published Feb 1, 2025
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper... High Unreviewed
CVE-2024-53295 was published Feb 1, 2025
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-11780 was published Feb 1, 2025
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13651 was published Feb 1, 2025
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-12171 was published Feb 1, 2025
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2024-12184 was published Feb 1, 2025
The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due... High Unreviewed
CVE-2024-13343 was published Feb 1, 2025
The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-13547 was published Feb 1, 2025
In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation... Unknown Unreviewed
CVE-2024-57435 was published Feb 1, 2025
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users... Unknown Unreviewed
CVE-2024-57434 was published Feb 1, 2025
EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection... Unknown Unreviewed
CVE-2024-57587 was published Feb 1, 2025
EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Unknown Unreviewed
CVE-2024-53356 was published Feb 1, 2025
In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt... Unknown Unreviewed
CVE-2024-53357 was published Feb 1, 2025
EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command... Unknown Unreviewed
CVE-2024-55062 was published Feb 1, 2025
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function.... Unknown Unreviewed
CVE-2024-57433 was published Feb 1, 2025
EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to Incorrect Access Control. This... Unknown Unreviewed
CVE-2024-53355 was published Feb 1, 2025
EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to SQL Injection. Unknown Unreviewed
CVE-2024-53354 was published Feb 1, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2024-54516 was published Jan 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database