GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,070
Composer 4,319
Erlang 31
GitHub Actions 21
Go 2,077
Maven 5,250
npm 3,746
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,293

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,200 advisories

Filter by severity

Sort by

Least recently updated

The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to... Moderate Unreviewed

CVE-2024-12427 was published Jan 16, 2025

Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22779 was published Jan 15, 2025

Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality... Moderate Unreviewed

CVE-2025-22787 was published Jan 15, 2025

Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality... Moderate Unreviewed

CVE-2025-22737 was published Jan 15, 2025

Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2024-56295 was published Jan 15, 2025

Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting... Moderate Unreviewed

CVE-2025-22729 was published Jan 15, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due... Moderate Unreviewed

CVE-2024-11851 was published Jan 15, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a... High Unreviewed

CVE-2024-11848 was published Jan 15, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12006 was published Jan 14, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed

CVE-2024-12365 was published Jan 14, 2025

Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server... Moderate Unreviewed

CVE-2025-0067 was published Jan 14, 2025

An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary... Moderate Unreviewed

CVE-2025-0068 was published Jan 14, 2025

Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22800 was published Jan 13, 2025

The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... Moderate Unreviewed

CVE-2024-12204 was published Jan 11, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12606 was published Jan 10, 2025

Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13303 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue... Unknown Unreviewed

CVE-2024-13312 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13243 was published Jan 9, 2025

Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting... Moderate Unreviewed

CVE-2025-22561 was published Jan 9, 2025

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-6155 was published Jan 9, 2025

The Bitly's WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2024-12616 was published Jan 9, 2025

The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed

CVE-2024-12542 was published Jan 9, 2025

The Newsletter2Go plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12618 was published Jan 9, 2025

The SKT Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to a... High Unreviewed

CVE-2024-12848 was published Jan 9, 2025

The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-5769 was published Jan 9, 2025

Previous 1 2 3 4 5 … 127 128 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,200 advisories