GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,343
Erlang: 31
GitHub Actions: 22
Go: 2,107
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,452
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
113,585 advisories
The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate, Unreviewed. CVE-2025-0860 was published Jan 30, 2025

The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to SQL Injection via...
Moderate, Unreviewed. CVE-2025-0861 was published Jan 30, 2025

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate, Unreviewed. CVE-2024-13642 was published Jan 30, 2025

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate, Unreviewed. CVE-2024-13758 was published Jan 30, 2025

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable...
Moderate, Unreviewed. CVE-2024-13470 was published Jan 30, 2025

The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored...
Moderate, Unreviewed. CVE-2024-13732 was published Jan 30, 2025

The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object...
Moderate, Unreviewed. CVE-2024-13457 was published Jan 30, 2025

The Bulk Me Now! WordPress plugin through 2.0 does not have CSRF checks in some places, which...
Moderate, Unreviewed. CVE-2024-12709 was published Jan 30, 2025

The EthereumICO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate, Unreviewed. CVE-2024-12921 was published Jan 30, 2025

The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above...
Moderate, Unreviewed. CVE-2024-12163 was published Jan 30, 2025

The Tracking Code Manager WordPress plugin before 2.4.0 does not sanitise and escape some of its...
Moderate, Unreviewed. CVE-2024-10309 was published Jan 30, 2025

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In...
Moderate, Unreviewed. CVE-2025-0662 was published Jan 30, 2025

A vulnerability classified as critical has been found in CampCodes School Management Software 1.0...
Moderate, Unreviewed. CVE-2025-0849 was published Jan 30, 2025

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been...
Moderate, Unreviewed. CVE-2025-0847 was published Jan 30, 2025

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been...
Moderate, Unreviewed. CVE-2025-0846 was published Jan 30, 2025

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as...
Moderate, Unreviewed. CVE-2025-0844 was published Jan 30, 2025

A vulnerability was found in needyamin Library Card System 1.0. It has been classified as...
Moderate, Unreviewed. CVE-2025-0843 was published Jan 30, 2025

A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This...
Moderate, Unreviewed. CVE-2025-0842 was published Jan 30, 2025

A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function...
Moderate, Unreviewed. CVE-2024-57513 was published Jan 30, 2025

HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to...
Moderate, Unreviewed. CVE-2024-51182 was published Jan 30, 2025

A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as...
Moderate, Unreviewed. CVE-2025-0841 was published Jan 29, 2025

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This...
Moderate, Unreviewed. CVE-2025-0840 was published Jan 29, 2025

Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some...
Moderate, Unreviewed. CVE-2024-48852 was published Jan 29, 2025

IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords...
Moderate, Unreviewed. CVE-2023-35907 was published Jan 29, 2025

IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes...
Moderate, Unreviewed. CVE-2023-37412 was published Jan 29, 2025

ProTip! Advisories are also available from the GraphQL API.