Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

122,180 advisories

Loading
The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id'... Moderate Unreviewed
CVE-2024-13236 was published Jan 23, 2025
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12118 was published Jan 23, 2025
Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an... Moderate Unreviewed
CVE-2025-0635 was published Jan 23, 2025
The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress... Moderate Unreviewed
CVE-2024-12504 was published Jan 23, 2025
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-13340 was published Jan 23, 2025
The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed
CVE-2024-13389 was published Jan 23, 2025
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 allows a highly... Moderate Unreviewed
CVE-2025-0648 was published Jan 23, 2025
The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13422 was published Jan 23, 2025
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly... Moderate Unreviewed
CVE-2025-0619 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-43708 was published Jan 23, 2025
The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Post Slider and... Moderate Unreviewed
CVE-2024-12043 was published Jan 23, 2025
The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2,... Moderate Unreviewed
CVE-2024-13511 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-52972 was published Jan 23, 2025
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered... Moderate Unreviewed
CVE-2025-24529 was published Jan 23, 2025
A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed
CVE-2024-43710 was published Jan 23, 2025
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered... Moderate Unreviewed
CVE-2025-24530 was published Jan 23, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site... Moderate Unreviewed
CVE-2023-32340 was published Jan 23, 2025
BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application... Moderate Unreviewed
CVE-2024-42187 was published Jan 23, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross... Moderate Unreviewed
CVE-2023-50309 was published Jan 23, 2025
The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12477 was published Jan 23, 2025
By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals... Moderate Unreviewed
CVE-2024-9310 was published Jan 22, 2025
Cross site scripting in Silverpeas Core Moderate
CVE-2024-56923 was published for org.silverpeas.core:silverpeas-core (Maven) Jan 22, 2025
Disabled permissions can be granted by Folder-based in Jenkins Authorization Strategy Plugin Moderate
CVE-2025-24401 was published for io.jenkins.plugins:folder-auth (Maven) Jan 22, 2025
CSRF vulnerability in Jenkins Azure Service Fabric Plugin Moderate
CVE-2025-24402 was published for org.jenkins-ci.plugins:service-fabric (Maven) Jan 22, 2025
Missing permission checks in Jenkins Azure Service Fabric Plugin Moderate
CVE-2025-24403 was published for org.jenkins-ci.plugins:service-fabric (Maven) Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database