Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

205 advisories

Loading
The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to... Critical Unreviewed
CVE-2025-5304 was published Jun 28, 2025
Missing Authorization vulnerability in FocuxTheme WPKit For Elementor allows Privilege Escalation... Critical Unreviewed
CVE-2025-32281 was published Jun 27, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization... Critical Unreviewed
CVE-2024-53298 was published Jun 20, 2025
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By... Critical Unreviewed
CVE-2025-1562 was published Jun 18, 2025
The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for... Critical Unreviewed
CVE-2025-5288 was published Jun 13, 2025
RFC inbound processing�does not perform necessary authorization checks for an authenticated user,... Critical Unreviewed
CVE-2025-42989 was published Jun 10, 2025
The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing... Critical Unreviewed
CVE-2025-5486 was published Jun 6, 2025
The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that... Critical Unreviewed
CVE-2025-5701 was published Jun 5, 2025
An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1... Critical Unreviewed
CVE-2025-45854 was published Jun 3, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Critical Unreviewed
CVE-2025-30448 was published May 13, 2025
An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using... Critical Unreviewed
CVE-2025-26846 was published May 12, 2025
Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH... Critical Unreviewed
CVE-2025-28202 was published May 9, 2025
A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the ... Critical Unreviewed
CVE-2025-0782 was published May 2, 2025
Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not require a password by default,... Critical Unreviewed
CVE-2025-3927 was published May 2, 2025
The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-3746 was published May 2, 2025
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed
CVE-2025-3604 was published Apr 24, 2025
A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an... Critical Unreviewed
CVE-2025-37087 was published Apr 22, 2025
An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a... Critical Unreviewed
CVE-2024-53591 was published Apr 18, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Critical Unreviewed
CVE-2025-31194 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-31182 was published Apr 1, 2025
An access issue was addressed with additional sandbox restrictions on the system pasteboards.... Critical Unreviewed
CVE-2025-30461 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24259 was published Apr 1, 2025
This issue was addressed by adding a delay between verification code attempts. This issue is... Critical Unreviewed
CVE-2025-24245 was published Apr 1, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24249 was published Apr 1, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24181 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database