Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,367
Maven
5,000+
npm
3,986
NuGet
720
pip
3,778
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,008 advisories

Loading
Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting... High Unreviewed
CVE-2025-39352 was published May 19, 2025
Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a... High Unreviewed
CVE-2025-39350 was published May 19, 2025
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41231 was published May 20, 2025
Missing Authorization vulnerability in dastan800 Visual Builder allows Reflected XSS. This issue... High Unreviewed
CVE-2025-46488 was published May 23, 2025
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting... High Unreviewed
CVE-2025-39536 was published May 23, 2025
Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not... High Unreviewed
CVE-2025-47558 was published May 23, 2025
Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows... High Unreviewed
CVE-2025-47690 was published May 23, 2025
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to... High Unreviewed
CVE-2025-40667 was published May 26, 2025
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5117 was published May 27, 2025
The Woostify Sites Library WordPress plugin before 1.4.8 does not have authorisation in an AJAX... High Unreviewed
CVE-2023-6279 was published Jan 29, 2024
The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism... High Unreviewed
CVE-2023-30581 was published Nov 23, 2023
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of... High Unreviewed
CVE-2025-5018 was published Jun 6, 2025
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through... High Unreviewed
CVE-2025-48784 was published Jun 6, 2025
Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation... High Unreviewed
CVE-2025-47601 was published Jun 7, 2025
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability... High Unreviewed
CVE-2025-5894 was published Jun 9, 2025
Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing... High Unreviewed
CVE-2025-49265 was published Jun 9, 2025
Missing Authorization vulnerability in looks_awesome Team Builder allows Exploiting Incorrectly... High Unreviewed
CVE-2025-32308 was published Jun 9, 2025
Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce allows... High Unreviewed
CVE-2025-47463 was published Jun 9, 2025
Missing Authorization vulnerability in Icegram Icegram Collect – Easy Form, Lead Collection and... High Unreviewed
CVE-2025-47527 was published Jun 9, 2025
SAP GRC allows a non-administrative user to access and initiate transaction which could allow... High Unreviewed
CVE-2025-42982 was published Jun 10, 2025
SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to drop arbitrary... High Unreviewed
CVE-2025-42983 was published Jun 10, 2025
The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting... High Unreviewed
CVE-2024-12812 was published May 15, 2025
SunGrow's back end users system iSolarCloud https://isolarcloud.com  uses an MQTT service to... High Unreviewed
CVE-2025-29756 was published Jun 11, 2025
Backend.AI Missing Authorization vulnerability High
CVE-2025-49651 was published for backend.ai (pip) Jun 9, 2025
Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to... High Unreviewed
CVE-2025-49181 was published Jun 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database