Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
36
GitHub Actions
29
Go
2,334
Maven
5,000+
npm
3,967
NuGet
713
pip
3,765
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

921 advisories

Loading
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... High Unreviewed
CVE-2025-5282 was published Jun 13, 2025
Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to... High Unreviewed
CVE-2025-49181 was published Jun 12, 2025
Files in the source code contain login credentials for the admin user and the property... High Unreviewed
CVE-2025-49182 was published Jun 12, 2025
SunGrow's back end users system iSolarCloud https://isolarcloud.com  uses an MQTT service to... High Unreviewed
CVE-2025-29756 was published Jun 11, 2025
SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to drop arbitrary... High Unreviewed
CVE-2025-42983 was published Jun 10, 2025
SAP GRC allows a non-administrative user to access and initiate transaction which could allow... High Unreviewed
CVE-2025-42982 was published Jun 10, 2025
Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing... High Unreviewed
CVE-2025-49265 was published Jun 9, 2025
Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce allows... High Unreviewed
CVE-2025-47463 was published Jun 9, 2025
Missing Authorization vulnerability in Icegram Icegram Collect – Easy Form, Lead Collection and... High Unreviewed
CVE-2025-47527 was published Jun 9, 2025
Missing Authorization vulnerability in looks_awesome Team Builder allows Exploiting Incorrectly... High Unreviewed
CVE-2025-32308 was published Jun 9, 2025
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability... High Unreviewed
CVE-2025-5894 was published Jun 9, 2025
Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation... High Unreviewed
CVE-2025-47601 was published Jun 7, 2025
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through... High Unreviewed
CVE-2025-48784 was published Jun 6, 2025
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of... High Unreviewed
CVE-2025-5018 was published Jun 6, 2025
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5117 was published May 27, 2025
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to... High Unreviewed
CVE-2025-40667 was published May 26, 2025
Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows... High Unreviewed
CVE-2025-47690 was published May 23, 2025
Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not... High Unreviewed
CVE-2025-47558 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Builder allows Reflected XSS. This issue... High Unreviewed
CVE-2025-46488 was published May 23, 2025
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting... High Unreviewed
CVE-2025-39536 was published May 23, 2025
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41231 was published May 20, 2025
Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a... High Unreviewed
CVE-2025-39350 was published May 19, 2025
Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting... High Unreviewed
CVE-2025-39352 was published May 19, 2025
Missing Authorization vulnerability in Crocoblock JetBlocks For Elementor allows Accessing... High Unreviewed
CVE-2025-39451 was published May 19, 2025
Missing Authorization vulnerability in Crocoblock JetWooBuilder allows Accessing Functionality... High Unreviewed
CVE-2025-39449 was published May 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database