Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,425
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

121,048 advisories

Loading
Vulnerability of improper permission control in the Gallery module Impact: Successful... Moderate Unreviewed
CVE-2023-52954 was published Jan 8, 2025
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then... Moderate Unreviewed
CVE-2025-0218 was published Jan 7, 2025
IceWarp Server 10.2.1 is vulnerable to Cross Site Scripting (XSS) via the meta parameter. Moderate Unreviewed
CVE-2024-55218 was published Jan 7, 2025
Missing Authorization vulnerability in ORION Allada T-shirt Designer for Woocommerce.This issue... Moderate Unreviewed
CVE-2025-22363 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22500 was published Jan 7, 2025
Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue... Moderate Unreviewed
CVE-2025-22319 was published Jan 7, 2025
Missing Authorization vulnerability in ThemeSupport Hide Category by User Role for WooCommerce... Moderate Unreviewed
CVE-2024-56272 was published Jan 7, 2025
Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Exploiting... Moderate Unreviewed
CVE-2025-22591 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22354 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22365 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22334 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22585 was published Jan 7, 2025
A vulnerability classified as critical has been found in code-projects Online Book Shop 1.0.... Moderate Unreviewed
CVE-2025-0299 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22296 was published Jan 7, 2025
A vulnerability classified as critical was found in code-projects Online Book Shop 1.0. Affected... Moderate Unreviewed
CVE-2025-0300 was published Jan 7, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-22306 was published Jan 7, 2025
Missing Authorization vulnerability in SecureSubmit WP SecureSubmit.This issue affects WP... Moderate Unreviewed
CVE-2024-56270 was published Jan 7, 2025
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app... Moderate Unreviewed
CVE-2025-22621 was published Jan 7, 2025
A vulnerability, which was classified as problematic, has been found in code-projects Online Book... Moderate Unreviewed
CVE-2025-0301 was published Jan 7, 2025
Multiple functions are vulnerable to Authorization Bypass in AIMS eCrew. The issue was fixed in... Moderate Unreviewed
CVE-2024-44450 was published Jan 7, 2025
An attacker who successfully exploited these vulnerabilities could grant read access to files. A... Moderate Unreviewed
CVE-2024-12429 was published Jan 7, 2025
Missing Authorization vulnerability in Ella van Durpe Slides & Presentations allows Exploiting... Moderate Unreviewed
CVE-2025-22534 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22545 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22577 was published Jan 7, 2025
Missing Authorization vulnerability in Etruel Developments LLC WP Delete Post Copies allows... Moderate Unreviewed
CVE-2025-22541 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database