GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

96,216 advisories

Filter by severity

Sort by

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-22656 was published Feb 18, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-22639 was published Feb 18, 2025

An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and... High Unreviewed

CVE-2024-50609 was published Feb 18, 2025

An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is... High Unreviewed

CVE-2024-50608 was published Feb 18, 2025

An issue was discovered in Atos Eviden IDRA before 2.7.1. A highly trusted role (Config Admin)... High Unreviewed

CVE-2024-51505 was published Feb 18, 2025

Sage DPW before 2024_12_001 is vulnerable to Incorrect Access Control. The implemented role-based... High Unreviewed

CVE-2024-56883 was published Feb 18, 2025

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch->q.qlen... High Unreviewed

CVE-2025-21703 was published Feb 18, 2025

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits... High Unreviewed

CVE-2024-57046 was published Feb 18, 2025

The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and... High Unreviewed

CVE-2025-0521 was published Feb 18, 2025

The FormCraft plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... High Unreviewed

CVE-2025-0817 was published Feb 18, 2025

The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input... High Unreviewed

CVE-2024-13681 was published Feb 18, 2025

The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to... High Unreviewed

CVE-2024-13797 was published Feb 18, 2025

The Brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and... High Unreviewed

CVE-2024-13636 was published Feb 18, 2025

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to hijack a user's... High Unreviewed

CVE-2025-0981 was published Feb 18, 2025

An authenticated user in the "bestinformed Web" application can execute commands on the... High Unreviewed

CVE-2025-0422 was published Feb 18, 2025

Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change... High Unreviewed

CVE-2025-0425 was published Feb 18, 2025

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... High Unreviewed

CVE-2024-13704 was published Feb 18, 2025

Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER,... High Unreviewed

CVE-2024-57963 was published Feb 18, 2025

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program,... High Unreviewed

CVE-2024-57964 was published Feb 18, 2025

The File Uploads Addon for WooCommerce plugin for WordPress is vulnerable to Sensitive... High Unreviewed

CVE-2024-13622 was published Feb 18, 2025

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is... High Unreviewed

CVE-2024-13677 was published Feb 18, 2025

The Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,... High Unreviewed

CVE-2024-13684 was published Feb 18, 2025

The Option Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0... High Unreviewed

CVE-2024-13852 was published Feb 18, 2025

The Shopwarden – Automated WooCommerce monitoring & testing plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13315 was published Feb 18, 2025

The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress... High Unreviewed

CVE-2024-13556 was published Feb 18, 2025

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

96,216 advisories