Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,669
Erlang
34
GitHub Actions
26
Go
2,261
Maven
5,000+
npm
3,910
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

106,853 advisories

Loading
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE... High Unreviewed
CVE-2025-46579 was published Apr 27, 2025
There is a code-related vulnerability in the GoldenDB database product. Attackers can access... High Unreviewed
CVE-2025-46580 was published Apr 27, 2025
The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed
CVE-2025-2101 was published Apr 26, 2025
A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16... High Unreviewed
CVE-2025-2851 was published Apr 26, 2025
The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to... High Unreviewed
CVE-2025-3491 was published Apr 26, 2025
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed
CVE-2025-2105 was published Apr 26, 2025
The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2025-3906 was published Apr 26, 2025
The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed
CVE-2025-3914 was published Apr 26, 2025
The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in... High Unreviewed
CVE-2024-13808 was published Apr 26, 2025
The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin... High Unreviewed
CVE-2025-2801 was published Apr 26, 2025
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP... High Unreviewed
CVE-2025-28128 was published Apr 25, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. High Unreviewed
CVE-2025-32983 was published Apr 25, 2025
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code... High Unreviewed
CVE-2025-3935 was published Apr 25, 2025
Commvault Web Server has an unspecified vulnerability that can be exploited by a remote,... High Unreviewed
CVE-2025-3928 was published Apr 25, 2025
Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository High
CVE-2025-3641 was published for moodle/moodle (Composer) Apr 25, 2025
Moodle has an authenticated remote code execution risk in the Moodle LMS EQUELLA repository High
CVE-2025-3642 was published for moodle/moodle (Composer) Apr 25, 2025
A security vulnerability was discovered in Moodle that can allow hackers to gain access to... High Unreviewed
CVE-2025-3625 was published Apr 25, 2025
Moodle allows unauthenticated REST API user data exposure High
CVE-2025-32044 was published for moodle/moodle (Composer) Apr 25, 2025
The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd... High Unreviewed
CVE-2024-6198 was published Apr 25, 2025
An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS... High Unreviewed
CVE-2024-6199 was published Apr 25, 2025
Steve doesn’t verify a server’s certificate and is susceptible to man-in-the-middle (MitM) attacks High
CVE-2023-32198 was published for github.com/rancher/stev (Go) Apr 25, 2025
Rancher users who can create Projects can gain access to arbitrary projects High
CVE-2024-22031 was published for github.com/rancher/rancher (Go) Apr 25, 2025
The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed
CVE-2025-1565 was published Apr 25, 2025
The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed
CVE-2024-11917 was published Apr 25, 2025
The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data... High Unreviewed
CVE-2025-1279 was published Apr 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database