Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

265,116 advisories

Loading
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology... Moderate Unreviewed
CVE-2024-57672 was published Feb 6, 2025
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology... Moderate Unreviewed
CVE-2024-57673 was published Feb 6, 2025
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload... Critical Unreviewed
CVE-2024-57668 was published Feb 6, 2025
Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management... High Unreviewed
CVE-2024-56889 was published Feb 7, 2025
The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before... High Unreviewed
CVE-2024-13352 was published Feb 7, 2025
A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to... High Unreviewed
CVE-2024-57084 was published Feb 6, 2025
The Guten Free Options WordPress plugin through 0.9.5 does not sanitise and escape a parameter... Moderate Unreviewed
CVE-2024-13492 was published Feb 7, 2025
The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-9661 was published Feb 7, 2025
It is possible to construct a zone such that some queries to it will generate responses... High Unreviewed
CVE-2024-11187 was published Jan 30, 2025
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass... High Unreviewed
CVE-2025-0411 was published Jan 25, 2025
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-0826 was published Apr 9, 2024
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2024-1446 was published May 22, 2024
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv... Critical Unreviewed
CVE-2023-6320 was published Apr 9, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2024-7503 was published Aug 12, 2024
A command injection vulnerability exists in the getAudioMetadata method from the com.webos... Critical Unreviewed
CVE-2023-6319 was published Apr 9, 2024
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is... Moderate Unreviewed
CVE-2024-4863 was published Jun 14, 2024
The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress... Moderate Unreviewed
CVE-2024-12875 was published Dec 21, 2024
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is... Moderate Unreviewed
CVE-2024-5819 was published Jun 29, 2024
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server... Critical Unreviewed
CVE-2024-6980 was published Jul 31, 2024
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-1815 was published May 23, 2024
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-1814 was published May 23, 2024
In some cases, the ktrace facility will log the contents of kernel structures to userspace. In... Moderate Unreviewed
CVE-2025-0662 was published Jan 30, 2025
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800... Moderate Unreviewed
CVE-2024-22068 was published Oct 10, 2024
Undertow incorrectly parses cookies High
CVE-2023-4639 was published for io.undertow:undertow-core (Maven) Nov 17, 2024
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization... Moderate Unreviewed
CVE-2020-36831 was published Oct 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database