Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

112,194 advisories

Loading
An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated... Moderate Unreviewed
CVE-2025-0107 was published Jan 11, 2025
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an... Moderate Unreviewed
CVE-2025-0105 was published Jan 11, 2025
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages... Moderate Unreviewed
CVE-2024-11327 was published Jan 11, 2025
The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-12505 was published Jan 11, 2025
The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed
CVE-2024-12472 was published Jan 11, 2025
A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated... Moderate Unreviewed
CVE-2025-0106 was published Jan 11, 2025
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... Moderate Unreviewed
CVE-2024-12204 was published Jan 11, 2025
Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')... Moderate Unreviewed
CVE-2024-13263 was published Jan 9, 2025
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-12789 was published Dec 19, 2024
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows... Moderate Unreviewed
CVE-2024-13249 was published Jan 9, 2025
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence... Moderate Unreviewed
CVE-2024-13248 was published Jan 9, 2025
An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability... Moderate Unreviewed
CVE-2025-23112 was published Jan 11, 2025
Specially constructed queries targeting ETM could discover active remote access sessions Moderate Unreviewed
CVE-2024-47518 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in... Moderate Unreviewed
CVE-2025-23110 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name,... Moderate Unreviewed
CVE-2025-23111 was published Jan 11, 2025
A user with administrator privileges is able to retrieve authentication tokens Moderate Unreviewed
CVE-2024-9133 was published Jan 11, 2025
Expired and unusable administrator authentication tokens can be revealed by units that have timed... Moderate Unreviewed
CVE-2024-47517 was published Jan 11, 2025
On Arista CloudVision Appliance (CVA) affected releases running on appliances that support... Moderate Unreviewed
CVE-2024-7142 was published Jan 11, 2025
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-2799 was published Apr 23, 2024
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce... Moderate Unreviewed
CVE-2024-3733 was published Apr 25, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3889 was published Apr 23, 2024
The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-3645 was published Apr 22, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-2798 was published Apr 23, 2024
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows... Moderate Unreviewed
CVE-2024-13246 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection... Moderate Unreviewed
CVE-2024-13295 was published Jan 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database