GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,078
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,079
Maven 5,250
npm 3,747
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,294

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241,294 advisories

Filter by severity

Sort by

Least recently updated

Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above.... Critical Unreviewed

CVE-2025-0471 was published Jan 16, 2025

Vulnerability in the PMB platform that allows an attacker to persist temporary files on the... Moderate Unreviewed

CVE-2025-0473 was published Jan 16, 2025

Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This... High Unreviewed

CVE-2025-0472 was published Jan 16, 2025

An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource... High Unreviewed

CVE-2018-25108 was published Jan 16, 2025

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1,... High Unreviewed

CVE-2024-50563 was published Jan 16, 2025

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is... Moderate Unreviewed

CVE-2024-13355 was published Jan 16, 2025

The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-13387 was published Jan 16, 2025

The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due... High Unreviewed

CVE-2024-12614 was published Jan 16, 2025

The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to... Moderate Unreviewed

CVE-2024-12427 was published Jan 16, 2025

The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix... High Unreviewed

CVE-2024-12613 was published Jan 16, 2025

The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix... Moderate Unreviewed

CVE-2024-12615 was published Jan 16, 2025

In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be... Moderate Unreviewed

CVE-2024-12226 was published Jan 16, 2025

A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0... High Unreviewed

CVE-2024-45331 was published Jan 16, 2025

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed

CVE-2024-48885 was published Jan 16, 2025

The WP User Profile Avatar plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-10789 was published Jan 16, 2025

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-11452 was published Jan 16, 2025

The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing... Critical Unreviewed

CVE-2025-0456 was published Jan 16, 2025

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Unknown Unreviewed

CVE-2024-10401 was published Jan 16, 2025

The airPASS from NetVision Information has a SQL Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-0455 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the... Unknown Unreviewed

CVE-2025-22904 was published Jan 16, 2025

The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote... High Unreviewed

CVE-2025-0457 was published Jan 16, 2025

The DWT - Directory & Listing WordPress Theme is vulnerable to Reflected Cross-Site Scripting in... Moderate Unreviewed

CVE-2025-0170 was published Jan 16, 2025

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10970 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the... Critical Unreviewed

CVE-2025-22907 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed

CVE-2025-22912 was published Jan 16, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

241,294 advisories