Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

102,405 advisories

Loading
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based... High Unreviewed
CVE-2024-13184 was published Jan 18, 2025
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... High Unreviewed
CVE-2025-0308 was published Jan 18, 2025
Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com... High Unreviewed
CVE-2024-52870 was published Jan 17, 2025
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in... High Unreviewed
CVE-2023-50739 was published Jan 18, 2025
The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due... High Unreviewed
CVE-2024-12614 was published Jan 16, 2025
Zot IdP group membership revocation ignored High
CVE-2025-23208 was published for zotregistry.dev/zot (Go) Jan 17, 2025
jeff-mccoy
nbgrader's `frame-ancestors: self` grants all users access to formgrader High
CVE-2025-23205 was published for nbgrader (pip) Jan 17, 2025
.NET Elevation of Privilege Vulnerability High
CVE-2024-21409 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Apr 17, 2024
rbhanda
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-11916 was published Jan 8, 2025
The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all... High Unreviewed
CVE-2024-1358 was published Mar 13, 2024
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local... High Unreviewed
CVE-2024-9842 was published Nov 12, 2024
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been rated as critical. This issue... High Unreviewed
CVE-2024-3907 was published Apr 17, 2024
Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow... High Unreviewed
CVE-2025-21128 was published Jan 14, 2025
Signature forgery in Spring Boot's Loader High
CVE-2024-38807 was published for org.springframework.boot:spring-boot-loader (Maven) Aug 23, 2024
Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2025-21129 was published Jan 14, 2025
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. High Unreviewed
CVE-2023-0049 was published Jan 4, 2023
Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php... High Unreviewed
CVE-2024-57030 was published Jan 17, 2025
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21399 was published Jan 17, 2025
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential... High Unreviewed
CVE-2023-52434 was published Feb 20, 2024
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... High Unreviewed
CVE-2024-1990 was published Apr 9, 2024
ip SSRF improper categorization in isPublic High
CVE-2024-29415 was published for ip (npm) Jun 2, 2024
ThisIsMissEm
Excessive binary privileges in Ivanti Connect Secure which affects versions 22.4R2 through 22.7R2... High Unreviewed
CVE-2024-47906 was published Nov 12, 2024
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows... High Unreviewed
CVE-2015-2426 was published May 14, 2022
Command injection in nevado-jms High
CVE-2023-31826 was published for org.skyscreamer:nevado-jms (Maven) May 23, 2023
An issue in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumerate... High Unreviewed
CVE-2024-48125 was published Jan 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database