GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,074
Composer 4,320
Erlang 31
GitHub Actions 21
Go 2,079
Maven 5,250
npm 3,747
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,294

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,228 advisories

Filter by severity

Sort by

Least recently updated

The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to... Moderate Unreviewed

CVE-2024-12427 was published Jan 16, 2025

Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22779 was published Jan 15, 2025

Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality... Moderate Unreviewed

CVE-2025-22787 was published Jan 15, 2025

Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality... Moderate Unreviewed

CVE-2025-22737 was published Jan 15, 2025

Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2024-56295 was published Jan 15, 2025

Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting... Moderate Unreviewed

CVE-2025-22729 was published Jan 15, 2025

The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due... Moderate Unreviewed

CVE-2024-11851 was published Jan 15, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12006 was published Jan 14, 2025

Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server... Moderate Unreviewed

CVE-2025-0067 was published Jan 14, 2025

An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary... Moderate Unreviewed

CVE-2025-0068 was published Jan 14, 2025

Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22800 was published Jan 13, 2025

The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... Moderate Unreviewed

CVE-2024-12204 was published Jan 11, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12606 was published Jan 10, 2025

Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13303 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13243 was published Jan 9, 2025

Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting... Moderate Unreviewed

CVE-2025-22561 was published Jan 9, 2025

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-6155 was published Jan 9, 2025

The Bitly's WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2024-12616 was published Jan 9, 2025

The Newsletter2Go plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12618 was published Jan 9, 2025

The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-5769 was published Jan 9, 2025

The Responsive FlipBook Plugin Wordpress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-11929 was published Jan 9, 2025

The GS Insever Portfolio plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed

CVE-2024-12249 was published Jan 9, 2025

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5,... Moderate Unreviewed

CVE-2024-12431 was published Jan 8, 2025

The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-12712 was published Jan 8, 2025

The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2024-12855 was published Jan 8, 2025

Previous 1 2 3 4 5 … 89 90 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,228 advisories