Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

318 advisories

Loading
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5954 was published Aug 1, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24119 was published Jul 30, 2025
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43199 was published Jul 30, 2025
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin... Critical Unreviewed
CVE-2025-7341 was published Jul 15, 2025
The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the... Critical Unreviewed
CVE-2025-6934 was published Jul 1, 2025
The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all... Critical Unreviewed
CVE-2025-4334 was published Jun 26, 2025
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,... Critical Unreviewed
CVE-2025-20282 was published Jun 26, 2025
An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user... Critical Unreviewed
CVE-2023-50921 was published Jan 3, 2024
The location module has a vulnerability of bypassing permission verification.Successful... Critical Unreviewed
CVE-2022-39007 was published Sep 17, 2022
Rancher Webhook is misconfigured during upgrade process Critical
CVE-2023-22651 was published for github.com/rancher/rancher (Go) Apr 24, 2023
pjbgf
Gardener allows bypassing project secret validation which can lead to privilege escalation Critical
CVE-2025-47283 was published for github.com/gardener/gardener (Go) May 19, 2025
petersutter rfranzke
donistz timuthy JordanJordanov
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation Critical
CVE-2025-47282 was published for github.com/gardener/external-dns-management (Go) May 19, 2025
petersutter donistz
MartinWeindel JordanJordanov
On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch... Critical Unreviewed
CVE-2025-0505 was published May 8, 2025
An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to... Critical Unreviewed
CVE-2025-25962 was published Apr 29, 2025
The system framework layer has a vulnerability of serialization/deserialization mismatch.... Critical Unreviewed
CVE-2022-44562 was published Nov 10, 2022
org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type Critical
CVE-2025-32974 was published for org.xwiki.platform:xwiki-platform-security-requiredrights-default (Maven) Apr 29, 2025
A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command... Critical Unreviewed
CVE-2021-3919 was published Dec 12, 2022
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that... Critical Unreviewed
CVE-2022-27773 was published Dec 6, 2022
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to... Critical Unreviewed
CVE-2022-44929 was published Dec 2, 2022
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to... Critical Unreviewed
CVE-2024-37858 was published Jul 29, 2024
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions... Critical Unreviewed
CVE-2017-9944 was published May 13, 2022
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is... Critical Unreviewed
CVE-2017-12635 was published May 13, 2022
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId... Critical Unreviewed
CVE-2017-7312 was published May 13, 2022
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can... Critical Unreviewed
CVE-2017-5624 was published May 13, 2022
The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed
CVE-2025-3278 was published Apr 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database