GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,152
Maven
5,000+
npm
3,816
NuGet
692
pip
3,492
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
96,745 advisories
Filter by severity
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a...
High
Unreviewed
CVE-2025-26331
was published
Mar 7, 2025
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is...
High
Unreviewed
CVE-2025-1309
was published
Mar 7, 2025
The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for...
High
Unreviewed
CVE-2024-13906
was published
Mar 7, 2025
The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-13655
was published
Mar 7, 2025
The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-13320
was published
Mar 7, 2025
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-10804
was published
Mar 7, 2025
The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,...
High
Unreviewed
CVE-2024-12036
was published
Mar 7, 2025
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to...
High
Unreviewed
CVE-2024-12035
was published
Mar 7, 2025
The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL...
High
Unreviewed
CVE-2025-0959
was published
Mar 7, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9658
was published
Mar 7, 2025
The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and...
High
Unreviewed
CVE-2025-0749
was published
Mar 7, 2025
When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses...
High
Unreviewed
CVE-2025-0725
was published
Feb 5, 2025
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion...
High
Unreviewed
CVE-2023-24217
was published
Mar 7, 2023
A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously...
High
Unreviewed
CVE-2024-57174
was published
Mar 5, 2025
A vulnerability in the remote connection complements of the NVDA (Nonvisual Desktop Access) 2024...
High
Unreviewed
CVE-2025-26326
was published
Feb 28, 2025
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF...
High
Unreviewed
CVE-2023-36274
was published
Jun 23, 2023
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen...
High
Unreviewed
CVE-2023-36271
was published
Jun 23, 2023
Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are vulnerable to command...
High
Unreviewed
CVE-2023-0093
was published
Mar 6, 2023
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute...
High
Unreviewed
CVE-2025-25823
was published
Mar 6, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute...
High
Unreviewed
CVE-2025-25825
was published
Mar 6, 2025
Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP...
High
Unreviewed
CVE-2025-22786
was published
Jan 15, 2025
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU...
High
Unreviewed
CVE-2023-36272
was published
Jun 23, 2023
A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232....
High
Unreviewed
CVE-2024-42844
was published
Mar 6, 2025
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
High
Unreviewed
CVE-2024-43060
was published
Mar 3, 2025
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local...
High
Unreviewed
CVE-2023-34057
was published
Oct 27, 2023
ProTip!
Advisories are also available from the
GraphQL API