GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,894
Erlang: 38
GitHub Actions: 38
Go: 2,558
Maven: 5,000+
npm: 4,232
NuGet: 751
pip: 4,001
Pub: 12
RubyGems: 953
Rust: 1,042
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
129,370 advisories

Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Accessing...
Moderate, Unreviewed, CVE-2025-39390 was published Apr 24, 2025

Improper access control of endpoint in HCL Leap allows certain admin users to import applications...
Moderate, Unreviewed, CVE-2024-30148 was published Apr 24, 2025

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly...
Moderate, Unreviewed, CVE-2025-46421 was published Apr 24, 2025

Local privilege escalation due to insecure folder permissions. The following products are...
Moderate, Unreviewed, CVE-2025-30408 was published Apr 24, 2025

Denial of service due to allocation of resources without limits. The following products are...
Moderate, Unreviewed, CVE-2025-30409 was published Apr 24, 2025

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in ...
Moderate, Unreviewed, CVE-2025-44135 was published Apr 24, 2025

A vulnerability has been discovered in the code-projects Online Class and Exam Scheduling System...
Moderate, Unreviewed, CVE-2025-29568 was published Apr 24, 2025

A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the...
Moderate, Unreviewed, CVE-2025-44134 was published Apr 24, 2025

A flaw was found in libsoup. It is vulnerable to memory leaks in the...
Moderate, Unreviewed, CVE-2025-46420 was published Apr 24, 2025

Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid...
Moderate, Unreviewed, CVE-2021-47664 was published Apr 24, 2025

The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate, Unreviewed, CVE-2025-3832 was published Apr 24, 2025

The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account...
Moderate, Unreviewed, CVE-2025-3793 was published Apr 24, 2025

The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is...
Moderate, Unreviewed, CVE-2025-3280 was published Apr 24, 2025

The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File...
Moderate, Unreviewed, CVE-2025-2579 was published Apr 24, 2025

The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for...
Moderate, Unreviewed, CVE-2025-1284 was published Apr 24, 2025

The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed, CVE-2025-2543 was published Apr 24, 2025

The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized...
Moderate, Unreviewed, CVE-2024-13307 was published Apr 24, 2025

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE...
Moderate, Unreviewed, CVE-2025-0639 was published Apr 24, 2025

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network...
Moderate, Unreviewed, CVE-2025-32730 was published Apr 24, 2025

An issue has been discovered in access controls could allow users to view certain restricted...
Moderate, Unreviewed, CVE-2024-12244 was published Apr 24, 2025

The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate, Unreviewed, CVE-2025-3435 was published Apr 24, 2025

The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its...
Moderate, Unreviewed, CVE-2025-1453 was published Apr 24, 2025

Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.
Moderate, Unreviewed, CVE-2025-46419 was published Apr 24, 2025

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users...
Moderate, Unreviewed, CVE-2025-27581 was published Apr 24, 2025

IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow...
Moderate, Unreviewed, CVE-2024-22351 was published Apr 24, 2025

ProTip! Advisories are also available from the GraphQL API.