Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

268 advisories

Loading
The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2025-6994 was published Aug 6, 2025
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5954 was published Aug 1, 2025
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43199 was published Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24119 was published Jul 30, 2025
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin... Critical Unreviewed
CVE-2025-7341 was published Jul 15, 2025
The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the... Critical Unreviewed
CVE-2025-6934 was published Jul 1, 2025
The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all... Critical Unreviewed
CVE-2025-4334 was published Jun 26, 2025
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,... Critical Unreviewed
CVE-2025-20282 was published Jun 26, 2025
On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch... Critical Unreviewed
CVE-2025-0505 was published May 8, 2025
An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to... Critical Unreviewed
CVE-2025-25962 was published Apr 29, 2025
The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed
CVE-2025-3278 was published Apr 19, 2025
An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28399 was published Apr 15, 2025
The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed
CVE-2025-2798 was published Apr 4, 2025
The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication... Critical Unreviewed
CVE-2025-2237 was published Apr 1, 2025
An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via... Critical Unreviewed
CVE-2025-22937 was published Mar 31, 2025
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is... Critical Unreviewed
CVE-2025-2232 was published Mar 14, 2025
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed
CVE-2025-0177 was published Mar 8, 2025
The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and... Critical Unreviewed
CVE-2024-12281 was published Mar 5, 2025
The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed
CVE-2024-11951 was published Mar 5, 2025
The DHVC Form plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed
CVE-2024-8420 was published Feb 28, 2025
Infoblox NIOS through 8.6.4 executes with more privileges than required. Critical Unreviewed
CVE-2024-36046 was published Feb 28, 2025
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up... Critical Unreviewed
CVE-2025-0180 was published Feb 11, 2025
An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via... Critical Unreviewed
CVE-2024-55215 was published Feb 8, 2025
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2024-9636 was published Jan 15, 2025
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9478 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database