GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,343
Erlang: 31
GitHub Actions: 22
Go: 2,107
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,452
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+

102,964 advisories

The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter...
High | Unreviewed | CVE-2024-13056 was published Jan 27, 2025

The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter...
High | Unreviewed | CVE-2024-13055 was published Jan 27, 2025

The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and...
High | Unreviewed | CVE-2024-13052 was published Jan 27, 2025

The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter...
High | Unreviewed | CVE-2024-13094 was published Jan 27, 2025

The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places,...
High | Unreviewed | CVE-2024-13057 was published Jan 27, 2025

The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before...
High | Unreviewed | CVE-2024-12321 was published Jan 27, 2025

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site...
High | Unreviewed | CVE-2024-11641 was published Jan 26, 2025

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead...
High | Unreviewed | CVE-2024-11936 was published Jan 26, 2025

Develocity (formerly Gradle Enterprise) before 2024.1.8 has Incorrect Access Control. Project...
High | Unreviewed | CVE-2024-46881 was published Jan 26, 2025

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.
High | Unreviewed | CVE-2022-49043 was published Jan 26, 2025

The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-10628 was published Jan 26, 2025

The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary...
High | Unreviewed | CVE-2024-10633 was published Jan 26, 2025

The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-10574 was published Jan 26, 2025

Develocity (formerly Gradle Enterprise) before 2024.3.1 allows an attacker who has network access...
High | Unreviewed | CVE-2025-24858 was published Jan 26, 2025

Local privilege escalation due to incorrect assignment of privileges of temporary files in the...
High | Unreviewed | CVE-2025-0542 was published Jan 25, 2025

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to...
High | Unreviewed | CVE-2025-0543 was published Jan 25, 2025

IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length...
High | Unreviewed | CVE-2024-39750 was published Jan 25, 2025

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is...
High | Unreviewed | CVE-2024-13562 was published Jan 25, 2025

The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object...
High | Unreviewed | CVE-2024-12600 was published Jan 25, 2025

The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
High | Unreviewed | CVE-2025-0682 was published Jan 25, 2025

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass...
High | Unreviewed | CVE-2025-0411 was published Jan 25, 2025

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code...
High | Unreviewed | CVE-2024-50697 was published Jan 25, 2025

A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as...
High | Unreviewed | CVE-2025-0707 was published Jan 24, 2025

ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
High | CVE-2025-24359 was published for asteval (pip) Jan 24, 2025

Updatecli exposes Maven credentials in console output
High | CVE-2025-24355 was published for github.com/updatecli/updatecli (Go) Jan 24, 2025

ProTip! Advisories are also available from the GraphQL API.