Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,681
Maven
5,000+
npm
4,309
NuGet
760
pip
4,083
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

277 advisories

Loading
Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier... Critical Unreviewed
CVE-2025-53214 was published Nov 6, 2025
The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a... Critical Unreviewed
CVE-2025-12158 was published Nov 4, 2025
The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for... Critical Unreviewed
CVE-2025-11833 was published Nov 1, 2025
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in... Critical Unreviewed
CVE-2025-64348 was published Oct 31, 2025
Nagios XI versions prior to 2024R1 contain a missing access control vulnerability via the Web SSH... Critical Unreviewed
CVE-2023-7317 was published Oct 31, 2025
Missing Authorization vulnerability in gerritvanaaken Podlove Web Player podlove-web-player... Critical Unreviewed
CVE-2025-62908 was published Oct 27, 2025
Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows... Critical Unreviewed
CVE-2025-62944 was published Oct 27, 2025
Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker... Critical Unreviewed
CVE-2025-62906 was published Oct 27, 2025
Missing Authorization vulnerability in themeshopy TS Demo Importer ts-demo-importer allows... Critical Unreviewed
CVE-2025-62919 was published Oct 27, 2025
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart... Critical Unreviewed
CVE-2025-62892 was published Oct 27, 2025
Karmada Dashboard API Unauthorized Access Vulnerability Critical
CVE-2025-62714 was published for github.com/karmada-io/dashboard (Go) Oct 24, 2025
warjiang noxosd
RainbowMango
Credited to warjiang, noxosd, and RainbowMango
Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter... Critical Unreviewed
CVE-2025-53424 was published Oct 22, 2025
Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview... Critical Unreviewed
CVE-2025-52738 was published Oct 22, 2025
Melis Platform CMS Unauthenticated Admin Account Creation Critical
CVE-2025-10352 was published for melisplatform/melis-core (Composer) Oct 8, 2025
ivansmc00
Credited to ivansmc00
The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated... Critical Unreviewed
CVE-2020-36852 was published Oct 1, 2025
A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11... Critical Unreviewed
CVE-2025-54943 was published Sep 25, 2025
The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is... Critical Unreviewed
CVE-2025-9054 was published Sep 24, 2025
The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to unauthorized... Critical Unreviewed
CVE-2025-10690 was published Sep 19, 2025
Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects... Critical Unreviewed
CVE-2024-32832 was published Aug 31, 2025
Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user... Critical Unreviewed
CVE-2025-52352 was published Aug 21, 2025
The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege... Critical Unreviewed
CVE-2025-8898 was published Aug 16, 2025
Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform... Critical Unreviewed
CVE-2025-50171 was published Aug 12, 2025
The B Blocks plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed
CVE-2025-8059 was published Aug 12, 2025
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release... Critical Unreviewed
CVE-2025-6205 was published Aug 4, 2025
The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |... Critical Unreviewed
CVE-2025-6441 was published Jul 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database