GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,757
NuGet: 678
pip: 3,444
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
122,219 advisories

The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2024-1997 was published Mar 13, 2024

The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2024-2000 was published Mar 13, 2024

Insecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3...
Moderate | Unreviewed | CVE-2023-30281 was published May 16, 2023

Versions of Sage 300 through 2022 implement role-based access controls that are only enforced...
Moderate | Unreviewed | CVE-2023-29927 was published Jul 6, 2023

pimcore/customer-management-framework-bundle Cross-site Scripting vulnerability in Segment name
Moderate | CVE-2023-4145 was published for pimcore/customer-management-framework-bundle (Composer) Aug 3, 2023

phpMyAdmin XSS when checking tables
Moderate | CVE-2025-24530 was published for phpmyadmin/phpmyadmin (Composer) Jan 23, 2025

Silverstripe Framework has a XSS in form messages
Moderate | CVE-2024-53277 was published for silverstripe/framework (Composer) Jan 14, 2025

Silverstripe Framework has a XSS via insert media remote file oembed
Moderate | CVE-2024-47605 was published for silverstripe/framework (Composer) Jan 14, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37036 was published Jan 22, 2025

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend.
Moderate | Unreviewed | CVE-2024-57720 was published Jan 23, 2025

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2024-57719 was published Jan 23, 2025

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2024-57724 was published Jan 23, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37039 was published Jan 22, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37033 was published Jan 22, 2025

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2024-57723 was published Jan 23, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37038 was published Jan 22, 2025

An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of...
Moderate | Unreviewed | CVE-2024-21590 was published Apr 12, 2024

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2024-57721 was published Jan 23, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37037 was published Jan 22, 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37034 was published Jan 22, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-10539 was published Jan 23, 2025

The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-12118 was published Jan 23, 2025

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an...
Moderate | Unreviewed | CVE-2025-0635 was published Jan 23, 2025

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress...
Moderate | Unreviewed | CVE-2024-12504 was published Jan 23, 2025

The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ...
Moderate | Unreviewed | CVE-2024-13389 was published Jan 23, 2025

ProTip! Advisories are also available from the GraphQL API