Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

134,825 advisories

Loading
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Arthur Yarwood Fast eBay... Moderate Unreviewed
CVE-2025-39597 was published Apr 16, 2025
Missing Authorization vulnerability in WC Product Table WooCommerce Product Table Lite allows... Moderate Unreviewed
CVE-2025-39602 was published Apr 16, 2025
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as... Moderate Unreviewed
CVE-2025-3692 was published Apr 16, 2025
A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as... Moderate Unreviewed
CVE-2025-3691 was published Apr 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for WooCommerce and... Moderate Unreviewed
CVE-2025-39600 was published Apr 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever Accounting allows Cross... Moderate Unreviewed
CVE-2025-39593 was published Apr 16, 2025
A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as... Moderate Unreviewed
CVE-2025-3689 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39525 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39543 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39574 was published Apr 16, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2025-39524 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39516 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced... Moderate Unreviewed
CVE-2025-39538 was published Apr 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Shipping for WooCommerce... Moderate Unreviewed
CVE-2025-39564 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39520 was published Apr 16, 2025
Missing Authorization vulnerability in ActiveDEMAND Online Agency Marketing Automation... Moderate Unreviewed
CVE-2025-39513 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39515 was published Apr 16, 2025
Missing Authorization vulnerability in slazzercom Slazzer Background Changer allows Accessing... Moderate Unreviewed
CVE-2025-39531 was published Apr 16, 2025
Missing Authorization vulnerability in miniOrange WordPress REST API Authentication allows... Moderate Unreviewed
CVE-2025-39545 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39540 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39529 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39572 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39585 was published Apr 16, 2025
Missing Authorization vulnerability in WPXPO WowStore allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-39571 was published Apr 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-39549 was published Apr 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database