GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,537
Composer 4,454
Erlang 33
GitHub Actions 22
Go 2,153
Maven 5,330
npm 3,818
NuGet 693
pip 3,492
Pub 12
RubyGems 902
Rust 903
Swift 38

Unreviewed advisories

All unreviewed 247,017

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

172 advisories

Filter by severity

Sort by

Least recently updated

The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege... Critical Unreviewed

CVE-2024-12876 was published Mar 7, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27666 was published Mar 5, 2025

Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was... Critical Unreviewed

CVE-2025-25953 was published Mar 3, 2025

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft... Critical Unreviewed

CVE-2025-27583 was published Mar 3, 2025

The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing... Critical Unreviewed

CVE-2025-1307 was published Mar 4, 2025

Missing Authorization vulnerability in NotFound Residential Address Detection allows Privilege... Critical Unreviewed

CVE-2025-27270 was published Mar 3, 2025

The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-13513 was published Feb 15, 2025

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin... Critical Unreviewed

CVE-2024-2771 was published May 18, 2024

The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of... Critical Unreviewed

CVE-2024-12822 was published Jan 30, 2025

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is... Critical Unreviewed

CVE-2022-0543 was published Feb 19, 2022

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS... Critical Unreviewed

CVE-2024-54530 was published Jan 28, 2025

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of... Critical Unreviewed

CVE-2024-4223 was published May 16, 2024

Missing Authorization vulnerability in Inspry Agency Toolkit allows Privilege Escalation.This... Critical Unreviewed

CVE-2024-56066 was published Dec 31, 2024

The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed

CVE-2024-11281 was published Dec 25, 2024

Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality... Critical Unreviewed

CVE-2024-54369 was published Dec 16, 2024

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed

CVE-2024-45493 was published Dec 10, 2024

Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege... Critical Unreviewed

CVE-2024-54239 was published Dec 13, 2024

Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support... Critical Unreviewed

CVE-2022-46838 was published Dec 13, 2024

Missing Authorization vulnerability in Envato Security Team Sweet Date.This issue affects Sweet... Critical Unreviewed

CVE-2024-43222 was published Dec 9, 2024

Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting... Critical Unreviewed

CVE-2023-32117 was published Dec 9, 2024

Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing... Critical Unreviewed

CVE-2024-53810 was published Dec 6, 2024

The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that... Critical Unreviewed

CVE-2024-12155 was published Dec 6, 2024

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-10542 was published Nov 26, 2024

NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon... Critical Unreviewed

CVE-2024-0138 was published Nov 23, 2024

sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin... Critical Unreviewed

CVE-2024-48073 was published Nov 9, 2024

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

172 advisories