GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,070
Composer 4,319
Erlang 31
GitHub Actions 21
Go 2,077
Maven 5,250
npm 3,746
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,282

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,439 advisories

Filter by severity

Sort by

Least recently updated

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10970 was published Jan 16, 2025

Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading... Critical Unreviewed

CVE-2025-23061 was published Jan 15, 2025

Windows Search Service Elevation of Privilege Vulnerability High Unreviewed

CVE-2025-21292 was published Jan 14, 2025

Microsoft Power Automate Remote Code Execution Vulnerability High Unreviewed

CVE-2025-21187 was published Jan 14, 2025

SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted... Moderate Unreviewed

CVE-2025-0060 was published Jan 14, 2025

MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name... Moderate Unreviewed

CVE-2024-54999 was published Jan 13, 2025

In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file... Moderate Unreviewed

CVE-2024-57487 was published Jan 13, 2025

The administrator is able to configure an insecure captive portal script High Unreviewed

CVE-2024-9132 was published Jan 11, 2025

MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability... Moderate Unreviewed

CVE-2024-54997 was published Jan 10, 2025

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call... Critical Unreviewed

CVE-2023-28354 was published Jan 10, 2025

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary... Critical Unreviewed

CVE-2024-11613 was published Jan 8, 2025

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all... Critical Unreviewed

CVE-2024-11635 was published Jan 8, 2025

Vulnerability of improper access control in the home screen widget module Impact: Successful... Moderate Unreviewed

CVE-2024-56448 was published Jan 8, 2025

File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-50660 was published Jan 7, 2025

Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to... Critical Unreviewed

CVE-2024-50658 was published Jan 7, 2025

A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic.... Moderate Unreviewed

CVE-2025-0295 was published Jan 7, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP... Critical Unreviewed

CVE-2024-56278 was published Jan 7, 2025

The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator... High Unreviewed

CVE-2024-12471 was published Jan 7, 2025

The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing... Critical Unreviewed

CVE-2024-12252 was published Jan 7, 2025

The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is... Moderate Unreviewed

CVE-2024-12419 was published Jan 7, 2025

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zb_users\theme\shell\template. Critical Unreviewed

CVE-2024-55529 was published Jan 6, 2025

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file... Moderate Unreviewed

CVE-2023-6601 was published Jan 6, 2025

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage... Moderate Unreviewed

CVE-2023-6604 was published Jan 6, 2025

The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-11733 was published Jan 4, 2025

The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is... Moderate Unreviewed

CVE-2024-12238 was published Dec 29, 2024

Previous 1 2 3 4 5 … 137 138 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,439 advisories