GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
112,195 advisories
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-12304 was published Jan 11, 2025
An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated...
Moderate | Unreviewed | CVE-2025-0107 was published Jan 11, 2025
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an...
Moderate | Unreviewed | CVE-2025-0105 was published Jan 11, 2025
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages...
Moderate | Unreviewed | CVE-2024-11327 was published Jan 11, 2025
The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2024-12505 was published Jan 11, 2025
The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up...
Moderate | Unreviewed | CVE-2024-12472 was published Jan 11, 2025
A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Moderate | Unreviewed | CVE-2025-0106 was published Jan 11, 2025
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin...
Moderate | Unreviewed | CVE-2024-12204 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability...
Moderate | Unreviewed | CVE-2025-23112 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in...
Moderate | Unreviewed | CVE-2025-23110 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name,...
Moderate | Unreviewed | CVE-2025-23111 was published Jan 11, 2025
A user with administrator privileges is able to retrieve authentication tokens
Moderate | Unreviewed | CVE-2024-9133 was published Jan 11, 2025
Expired and unusable administrator authentication tokens can be revealed by units that have timed...
Moderate | Unreviewed | CVE-2024-47517 was published Jan 11, 2025
Specially constructed queries targeting ETM could discover active remote access sessions
Moderate | Unreviewed | CVE-2024-47518 was published Jan 11, 2025
On Arista CloudVision Appliance (CVA) affected releases running on appliances that support...
Moderate | Unreviewed | CVE-2024-7142 was published Jan 11, 2025
On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size”...
Moderate | Unreviewed | CVE-2024-7095 was published Jan 10, 2025
On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag...
Moderate | Unreviewed | CVE-2024-5872 was published Jan 10, 2025
On affected platforms running Arista EOS with one of the following features configured to...
Moderate | Unreviewed | CVE-2024-6437 was published Jan 10, 2025
During MegaBIP installation process, a user is encouraged to change a default path to...
Moderate | Unreviewed | CVE-2024-6880 was published Jan 10, 2025
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.
Moderate | Unreviewed | CVE-2025-23022 was published Jan 10, 2025
In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing...
Moderate | Unreviewed | CVE-2024-57822 was published Jan 10, 2025
The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a...
Moderate | Unreviewed | CVE-2024-13318 was published Jan 10, 2025
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-0311 was published Jan 10, 2025
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-13183 was published Jan 10, 2025
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,...
Moderate | Unreviewed | CVE-2024-12606 was published Jan 10, 2025
ProTip! Advisories are also available from the GraphQL API.