GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,677

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

236 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for... Critical Unreviewed

CVE-2025-11833 was published Nov 1, 2025

ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in... Critical Unreviewed

CVE-2025-64348 was published Oct 31, 2025

Nagios XI versions prior to 2024R1 contain a missing access control vulnerability via the Web SSH... Critical Unreviewed

CVE-2023-7317 was published Oct 31, 2025

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release... Critical Unreviewed

CVE-2025-6205 was published Aug 4, 2025

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker... Critical Unreviewed

CVE-2025-62906 was published Oct 27, 2025

Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows... Critical Unreviewed

CVE-2025-62944 was published Oct 27, 2025

Missing Authorization vulnerability in themeshopy TS Demo Importer ts-demo-importer allows... Critical Unreviewed

CVE-2025-62919 was published Oct 27, 2025

Missing Authorization vulnerability in gerritvanaaken Podlove Web Player podlove-web-player... Critical Unreviewed

CVE-2025-62908 was published Oct 27, 2025

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart... Critical Unreviewed

CVE-2025-62892 was published Oct 27, 2025

Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter... Critical Unreviewed

CVE-2025-53424 was published Oct 22, 2025

Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview... Critical Unreviewed

CVE-2025-52738 was published Oct 22, 2025

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is... Critical Unreviewed

CVE-2022-0543 was published Feb 19, 2022

lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST ... Critical Unreviewed

CVE-2024-8999 was published Mar 20, 2025

In lunary-ai/lunary version v1.4.28, the /bigquery API route lacks proper access control,... Critical Unreviewed

CVE-2024-9095 was published Mar 20, 2025

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to... Critical Unreviewed

CVE-2024-7475 was published Oct 29, 2024

The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated... Critical Unreviewed

CVE-2020-36852 was published Oct 1, 2025

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11... Critical Unreviewed

CVE-2025-54943 was published Sep 25, 2025

The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is... Critical Unreviewed

CVE-2025-9054 was published Sep 24, 2025

The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to unauthorized... Critical Unreviewed

CVE-2025-10690 was published Sep 19, 2025

Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects... Critical Unreviewed

CVE-2024-32832 was published Aug 31, 2025

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user... Critical Unreviewed

CVE-2025-52352 was published Aug 21, 2025

The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege... Critical Unreviewed

CVE-2025-8898 was published Aug 16, 2025

Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform... Critical Unreviewed

CVE-2025-50171 was published Aug 12, 2025

The B Blocks plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed

CVE-2025-8059 was published Aug 12, 2025

The ONLYOFFICE Docs plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed

CVE-2025-6380 was published Jul 25, 2025

Previous1…10 Next

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

236 advisories