Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,477 advisories

Loading
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been reported to affect... High Unreviewed
CVE-2024-53694 was published Mar 7, 2025
Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability High
CVE-2025-24043 was published for dotnet-debugger-extensions (NuGet) Mar 7, 2025
hoyosjs
com.xwiki.confluencepro:application-confluence-migrator-pro-ui's application homepage is public High
CVE-2025-27604 was published for com.xwiki.confluencepro:application-confluence-migrator-pro-ui (Maven) Mar 7, 2025
Vue I18n Allows Prototype Pollution in `handleFlatJson` High
CVE-2025-27597 was published for @intlify/core (npm) Mar 7, 2025
mestrtee
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL High
CVE-2025-27152 was published for axios (npm) Mar 7, 2025
lambdasawa
The WordPress Activity O Meter WordPress plugin through 1.0 does not sanitise and escape a... High Unreviewed
CVE-2024-13668 was published Mar 7, 2025
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability... High Unreviewed
CVE-2025-1886 was published Mar 7, 2025
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This... High Unreviewed
CVE-2025-1887 was published Mar 7, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9658 was published Mar 7, 2025
The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2025-0959 was published Mar 7, 2025
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-10804 was published Mar 7, 2025
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-12035 was published Mar 7, 2025
The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed
CVE-2024-12036 was published Mar 7, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed
CVE-2024-12837 was published Mar 7, 2025
The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for... High Unreviewed
CVE-2024-13906 was published Mar 7, 2025
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a... High Unreviewed
CVE-2025-26331 was published Mar 7, 2025
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed
CVE-2025-1309 was published Mar 7, 2025
The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13320 was published Mar 7, 2025
The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2024-13655 was published Mar 7, 2025
The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and... High Unreviewed
CVE-2025-0749 was published Mar 7, 2025
DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api High
GHSA-vc29-vg52-6643 was published for OpenTelemetry.AutoInstrumentation (NuGet) Mar 6, 2025
Out-of-bounds Write in SixLabors ImageSharp High
CVE-2025-27598 was published for SixLabors.ImageSharp (NuGet) Mar 6, 2025
andreas-eriksson
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows unauthenticated attackers... High Unreviewed
CVE-2025-26167 was published Mar 6, 2025
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080,... High Unreviewed
CVE-2024-50600 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database