GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,198
Composer 4,343
Erlang 31
GitHub Actions 22
Go 2,107
Maven 5,283
npm 3,764
NuGet 679
pip 3,452
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,257

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

264,455 advisories

Filter by severity

Sort by

Least recently updated

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed

CVE-2024-13428 was published Feb 1, 2025

The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a... Moderate Unreviewed

CVE-2025-0939 was published Feb 1, 2025

An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured,... Moderate Unreviewed

CVE-2025-23091 was published Feb 1, 2025

Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer... Low Unreviewed

CVE-2024-53296 was published Feb 1, 2025

Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper... High Unreviewed

CVE-2024-53295 was published Feb 1, 2025

The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings... Moderate Unreviewed

CVE-2024-12041 was published Feb 1, 2025

The Responsive iframe WordPress plugin through 1.2.0 does not validate and escape some of its... Unknown Unreviewed

CVE-2024-12768 was published Feb 1, 2025

The WP Finance WordPress plugin through 1.3.6 does not sanitise and escape a parameter before... Unknown Unreviewed

CVE-2024-13097 was published Feb 1, 2025

The WordPress Email Newsletter WordPress plugin through 1.1 does not sanitise and escape a... Unknown Unreviewed

CVE-2024-13098 was published Feb 1, 2025

The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is... Unknown Unreviewed

CVE-2024-13096 was published Feb 1, 2025

The Widget4Call WordPress plugin through 1.0.7 does not sanitise and escape a parameter before... Unknown Unreviewed

CVE-2024-13099 was published Feb 1, 2025

The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code... High Unreviewed

CVE-2025-0366 was published Feb 1, 2025

The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up... Moderate Unreviewed

CVE-2025-0365 was published Feb 1, 2025

The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11780 was published Feb 1, 2025

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-12171 was published Feb 1, 2025

The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed

CVE-2024-12184 was published Feb 1, 2025

The AnimateGL Animations for WordPress – Elementor & Gutenberg Blocks Animations plugin for... Moderate Unreviewed

CVE-2024-12620 was published Feb 1, 2025

The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due... High Unreviewed

CVE-2024-13343 was published Feb 1, 2025

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-13547 was published Feb 1, 2025

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13651 was published Feb 1, 2025

Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path... High Unreviewed

CVE-2024-51534 was published Feb 1, 2025

In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation... Unknown Unreviewed

CVE-2024-57435 was published Feb 1, 2025

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function.... Unknown Unreviewed

CVE-2024-57433 was published Feb 1, 2025

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users... Unknown Unreviewed

CVE-2024-57434 was published Feb 1, 2025

EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection... Unknown Unreviewed

CVE-2024-57587 was published Feb 1, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

264,455 advisories