Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

263,366 advisories

Loading
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12118 was published Jan 23, 2025
Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an... Moderate Unreviewed
CVE-2025-0635 was published Jan 23, 2025
The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress... Moderate Unreviewed
CVE-2024-12504 was published Jan 23, 2025
The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed
CVE-2024-13389 was published Jan 23, 2025
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 allows a highly... Moderate Unreviewed
CVE-2025-0648 was published Jan 23, 2025
The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13422 was published Jan 23, 2025
The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id'... Moderate Unreviewed
CVE-2024-13236 was published Jan 23, 2025
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly... Moderate Unreviewed
CVE-2025-0619 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-43708 was published Jan 23, 2025
Pre-authentication deserialization of untrusted data vulnerability has been identified in the... Unknown Unreviewed
CVE-2025-23006 was published Jan 23, 2025
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-13340 was published Jan 23, 2025
The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Post Slider and... Moderate Unreviewed
CVE-2024-12043 was published Jan 23, 2025
The Product Table by WBW plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed
CVE-2024-13234 was published Jan 23, 2025
The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2,... Moderate Unreviewed
CVE-2024-13511 was published Jan 23, 2025
The BMLT Meeting Map plugin for WordPress is vulnerable to Local File Inclusion in all versions... High Unreviewed
CVE-2024-13593 was published Jan 23, 2025
A file handling command vulnerability in certain versions of Armoury Crate may result in... High Unreviewed
CVE-2024-12957 was published Jan 23, 2025
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
bdilalu
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
eduarddfinity AlexV525
The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to... Unknown Unreviewed
CVE-2024-53299 was published Jan 23, 2025
An issue was identified in Fleet Server where Fleet policies that could contain sensitive... Critical Unreviewed
CVE-2024-52975 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-52972 was published Jan 23, 2025
An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent... High Unreviewed
CVE-2024-43707 was published Jan 23, 2025
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered... Moderate Unreviewed
CVE-2025-24529 was published Jan 23, 2025
A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed
CVE-2024-43710 was published Jan 23, 2025
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered... Moderate Unreviewed
CVE-2025-24530 was published Jan 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database