GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,759
NuGet: 678
pip: 3,445
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
122,220 advisories
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 ...
Moderate | Unreviewed | CVE-2023-37034 was published Jan 22, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-10539 was published Jan 23, 2025

The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-12118 was published Jan 23, 2025

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an...
Moderate | Unreviewed | CVE-2025-0635 was published Jan 23, 2025

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress...
Moderate | Unreviewed | CVE-2024-12504 was published Jan 23, 2025

The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ...
Moderate | Unreviewed | CVE-2024-13389 was published Jan 23, 2025

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 allows a highly...
Moderate | Unreviewed | CVE-2025-0648 was published Jan 23, 2025

The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2024-13422 was published Jan 23, 2025

The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id'...
Moderate | Unreviewed | CVE-2024-13236 was published Jan 23, 2025

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly...
Moderate | Unreviewed | CVE-2025-0619 was published Jan 23, 2025

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a...
Moderate | Unreviewed | CVE-2024-43708 was published Jan 23, 2025

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-13340 was published Jan 23, 2025

The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Post Slider and...
Moderate | Unreviewed | CVE-2024-12043 was published Jan 23, 2025

The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2,...
Moderate | Unreviewed | CVE-2024-13511 was published Jan 23, 2025

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a...
Moderate | Unreviewed | CVE-2024-52972 was published Jan 23, 2025

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered...
Moderate | Unreviewed | CVE-2025-24529 was published Jan 23, 2025

A server side request forgery vulnerability was identified in Kibana where the /api/fleet...
Moderate | Unreviewed | CVE-2024-43710 was published Jan 23, 2025

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site...
Moderate | Unreviewed | CVE-2023-32340 was published Jan 23, 2025

BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application...
Moderate | Unreviewed | CVE-2024-42187 was published Jan 23, 2025

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross...
Moderate | Unreviewed | CVE-2023-50309 was published Jan 23, 2025

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1298: Add...
Moderate | Unreviewed | CVE-2024-57944 was published Jan 21, 2025

An improper restriction of operations within the bounds of a memory buffer in the parameter type...
Moderate | Unreviewed | CVE-2024-38266 was published Sep 24, 2024

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose...
Moderate | Unreviewed | CVE-2024-57938 was published Jan 21, 2025

OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious...
Moderate | Unreviewed | CVE-2024-48392 was published Jan 21, 2025

Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed...
Moderate | Unreviewed | CVE-2024-55958 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API