Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,150
Maven
5,000+
npm
3,815
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

10,894 advisories

Loading
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache... Unknown Unreviewed
CVE-2024-38311 was published Mar 6, 2025
Volt Allows RCE Via User-Crafted Requests Critical
CVE-2025-27517 was published for livewire/volt (Composer) Mar 5, 2025
angelej
The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection... High Unreviewed
CVE-2025-0956 was published Mar 5, 2025
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS... High Unreviewed
CVE-2025-1080 was published Mar 4, 2025
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2025-0958 was published Mar 4, 2025
Permission verification bypass vulnerability in the notification module Impact: Successful... High Unreviewed
CVE-2024-58044 was published Mar 4, 2025
Paragon Partition Manager version 17, both community and Business versions, contain an insecure... High Unreviewed
CVE-2025-0289 was published Mar 3, 2025
Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory mapping vulnerability... High Unreviewed
CVE-2025-0285 was published Mar 3, 2025
Memory corruption while processing input message passed from FE driver. High Unreviewed
CVE-2024-53030 was published Mar 3, 2025
Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. High Unreviewed
CVE-2024-53029 was published Mar 3, 2025
Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. High Unreviewed
CVE-2024-53031 was published Mar 3, 2025
Memory corruption may occur due to improper input validation in clock device. High Unreviewed
CVE-2024-53012 was published Mar 3, 2025
Memory corruption may occur during communication between primary and guest VM. High Unreviewed
CVE-2024-53022 was published Mar 3, 2025
The user input was not sanitized on Reporting Hierarchy Management page of Foreseer Reporting... Moderate Unreviewed
CVE-2025-22491 was published Feb 28, 2025
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient... Moderate Unreviewed
CVE-2025-0764 was published Feb 28, 2025
Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation. Critical Unreviewed
CVE-2024-36047 was published Feb 28, 2025
A vulnerability classified as problematic was found in b1gMail up to 7.4.1-pl1. Affected by this... Moderate Unreviewed
CVE-2025-1741 was published Feb 27, 2025
Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows... High Unreviewed
CVE-2025-0514 was published Feb 26, 2025
An improper input validation vulnerability was discovered in the NTP server configuration field... High Unreviewed
CVE-2025-22495 was published Feb 24, 2025
A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0.... Moderate Unreviewed
CVE-2025-1556 was published Feb 22, 2025
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13798 was published Feb 22, 2025
Keycloak allows cross-site scripting (XSS) Low
CVE-2024-4028 was published for org.keycloak:keycloak-core (Maven) Feb 18, 2025
The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input... High Unreviewed
CVE-2024-13681 was published Feb 18, 2025
The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input... Moderate Unreviewed
CVE-2024-13691 was published Feb 18, 2025
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to... Moderate Unreviewed
CVE-2025-0424 was published Feb 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database