Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

219 advisories

Loading
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8401 was published Jul 31, 2025
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20182 was published May 18, 2023
A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-7938 was published Jul 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web... Moderate Unreviewed
CVE-2025-50073 was published Jul 15, 2025
Secure-upload is a data submission service that validates single-use tokens when accepting... Moderate Unreviewed
CVE-2025-53709 was published Jul 10, 2025
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2025-20264 was published Jun 26, 2025
When a link can be opened in an external application, Firefox for Android will, by default,... Moderate Unreviewed
CVE-2025-6431 was published Jun 26, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app... Moderate Unreviewed
CVE-2023-40430 was published Jan 11, 2024
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated... Moderate Unreviewed
CVE-2025-6329 was published Jun 20, 2025
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Moderate Unreviewed
CVE-2023-43609 was published Feb 9, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Moderate Unreviewed
CVE-2024-9531 was published Oct 24, 2024
Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role... Moderate Unreviewed
CVE-2024-22021 was published Feb 7, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). ... Moderate Unreviewed
CVE-2024-20979 was published Jan 17, 2024
A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1... Moderate Unreviewed
CVE-2025-5182 was published May 26, 2025
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey... Moderate Unreviewed
CVE-2022-32838 was published Aug 25, 2022
A vulnerability, which was classified as problematic, has been found in SourceCodester Best... Moderate Unreviewed
CVE-2025-1607 was published Feb 24, 2025
An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer... Moderate Unreviewed
CVE-2022-42961 was published Oct 15, 2022
A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an... Moderate Unreviewed
CVE-2022-36454 was published Oct 25, 2022
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-2557 was published Mar 17, 2024
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2025-3924 was published May 7, 2025
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting... Moderate Unreviewed
CVE-2022-2461 was published Sep 7, 2022
Zulip Server 1.5.1 and below suffer from an error in the implementation of the... Moderate Unreviewed
CVE-2017-0896 was published May 13, 2022
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public... Moderate Unreviewed
CVE-2017-0894 was published May 13, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed
CVE-2016-5063 was published May 14, 2022
Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an... Moderate Unreviewed
CVE-2017-0892 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database