Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,150
Maven
5,000+
npm
3,815
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

24,786 advisories

Loading
Volt Allows RCE Via User-Crafted Requests Critical
CVE-2025-27517 was published for livewire/volt (Composer) Mar 5, 2025
angelej
Lucee RCE/XXE Vulnerability Critical
CVE-2023-38693 was published for org.lucee:lucee (Maven) Mar 5, 2025
rootxharsh zspitzer
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition... Critical Unreviewed
CVE-2024-12799 was published Mar 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-13147 was published Mar 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-12097 was published Mar 5, 2025
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2... Critical Unreviewed
CVE-2025-25784 was published Mar 5, 2025
JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... Critical Unreviewed
CVE-2025-25785 was published Mar 5, 2025
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS... Critical Unreviewed
CVE-2025-25790 was published Mar 5, 2025
FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index... Critical Unreviewed
CVE-2025-25789 was published Mar 5, 2025
The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and... Critical Unreviewed
CVE-2024-12281 was published Mar 5, 2025
The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed
CVE-2024-11951 was published Mar 5, 2025
The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed
CVE-2025-1515 was published Mar 5, 2025
Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and... Critical Unreviewed
CVE-2025-25015 was published Mar 5, 2025
The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection... Critical Unreviewed
CVE-2024-13787 was published Mar 5, 2025
An unauthenticated remote attacker can use hard-coded credentials to gain full administration... Critical Unreviewed
CVE-2025-1393 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27671 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27672 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27668 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27666 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27667 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27670 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442... Critical Unreviewed
CVE-2025-27680 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... Critical Unreviewed
CVE-2025-27681 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... Critical Unreviewed
CVE-2025-27682 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27674 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database