GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
102,404 advisories
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &...
High | Unreviewed | CVE-2025-0308 was published Jan 18, 2025

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in...
High | Unreviewed | CVE-2023-50739 was published Jan 18, 2025

Zot IdP group membership revocation ignored
High | CVE-2025-23208 was published for zotregistry.dev/zot (Go) Jan 17, 2025

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com...
High | Unreviewed | CVE-2024-52870 was published Jan 17, 2025

Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php...
High | Unreviewed | CVE-2024-57030 was published Jan 17, 2025

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2025-21399 was published Jan 17, 2025

Belledonne Communications Linphone-Desktop is vulnerable to a NULL Dereference vulnerability,...
High | Unreviewed | CVE-2025-0430 was published Jan 17, 2025

Nedap Librix Ecoreader is missing authentication for critical functions that could allow an ...
High | Unreviewed | CVE-2024-12757 was published Jan 17, 2025

nbgrader's `frame-ancestors: self` grants all users access to formgrader
High | CVE-2025-23205 was published for nbgrader (pip) Jan 17, 2025

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16...
High | Unreviewed | CVE-2025-0528 was published Jan 17, 2025

CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of...
High | Unreviewed | CVE-2024-12703 was published Jan 17, 2025

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that...
High | Unreviewed | CVE-2024-12142 was published Jan 17, 2025

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could...
High | Unreviewed | CVE-2024-12476 was published Jan 17, 2025

CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow...
High | Unreviewed | CVE-2024-10497 was published Jan 17, 2025

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alt’...
High | Unreviewed | CVE-2024-13377 was published Jan 17, 2025

CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of...
High | Unreviewed | CVE-2024-11425 was published Jan 17, 2025

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-13333 was published Jan 17, 2025

Windows Secure Kernel Mode Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2025-21325 was published Jan 17, 2025

Fuji Electric Alpha5 SMART is vulnerable to a stack-based buffer overflow, which may allow an...
High | Unreviewed | CVE-2024-34579 was published Jan 17, 2025

Eugeny Tabby Sends Password Despite Host Key Verification Failure
High | CVE-2024-48460 was published for tabby-ssh (npm) Jan 17, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-23912 was published Jan 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-23911 was published Jan 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-23915 was published Jan 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-23913 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Nilesh Shiragave WordPress Gallery Plugin...
High | Unreviewed | CVE-2025-23842 was published Jan 16, 2025

ProTip! Advisories are also available from the GraphQL API