Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,721 advisories

Loading
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-1127 was published Mar 13, 2024
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-1133 was published Feb 29, 2024
The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2023-4627 was published Mar 12, 2024
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a... High Unreviewed
CVE-2024-11848 was published Jan 15, 2025
The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due... Moderate Unreviewed
CVE-2024-11851 was published Jan 15, 2025
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user... Moderate Unreviewed
CVE-2024-4444 was published May 14, 2024
XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing Critical
CVE-2025-23025 was published for org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui (Maven) Jan 14, 2025
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed
CVE-2024-12365 was published Jan 14, 2025
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2024-12006 was published Jan 14, 2025
An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary... Moderate Unreviewed
CVE-2025-0068 was published Jan 14, 2025
Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server... Moderate Unreviewed
CVE-2025-0067 was published Jan 14, 2025
Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-22800 was published Jan 13, 2025
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... Moderate Unreviewed
CVE-2024-12204 was published Jan 11, 2025
Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This... Moderate Unreviewed
CVE-2024-13303 was published Jan 9, 2025
Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This... Moderate Unreviewed
CVE-2024-13243 was published Jan 9, 2025
Mattermost leaks details of AD/LDAP groups of a teams Moderate
CVE-2024-23493 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed
CVE-2024-12606 was published Jan 10, 2025
Ray Missing Authorization vulnerability Critical
CVE-2023-6020 was published for ray (pip) Nov 16, 2023
cpropps-sysdig
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue... Unknown Unreviewed
CVE-2024-13312 was published Jan 9, 2025
Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5... High Unreviewed
CVE-2023-28657 was published Jun 1, 2023
In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which... Moderate Unreviewed
CVE-2024-9202 was published Sep 27, 2024
Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting... Moderate Unreviewed
CVE-2025-22561 was published Jan 9, 2025
The GS Insever Portfolio plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-12249 was published Jan 9, 2025
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-6155 was published Jan 9, 2025
The Bitly's WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2024-12616 was published Jan 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database