Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,425
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

121,048 advisories

Loading
A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2025-0298 was published Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Digital Zoom Studio Admin debug wordpress –... Moderate Unreviewed
CVE-2025-22503 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22524 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22525 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22511 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22518 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22529 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22530 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22517 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22516 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22531 was published Jan 7, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure... Moderate Unreviewed
CVE-2024-28778 was published Jan 7, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote... Moderate Unreviewed
CVE-2024-25037 was published Jan 7, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote... Moderate Unreviewed
CVE-2022-22363 was published Jan 7, 2025
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending... Moderate Unreviewed
CVE-2024-45100 was published Jan 7, 2025
A vulnerability has been found in SourceCodester Home Clean Services Management System 1.0 and... Moderate Unreviewed
CVE-2025-0294 was published Jan 7, 2025
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor... Moderate Unreviewed
CVE-2024-12738 was published Jan 7, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed
CVE-2024-12131 was published Jan 7, 2025
IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in... Moderate Unreviewed
CVE-2024-45640 was published Jan 7, 2025
A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-0296 was published Jan 7, 2025
A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-0295 was published Jan 7, 2025
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor... Moderate Unreviewed
CVE-2024-12426 was published Jan 7, 2025
matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity Moderate
CVE-2024-52813 was published for matrix-sdk-crypto (Rust) Jan 7, 2025
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-52366 was published Jan 7, 2025
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2024-12316 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database