Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

926 advisories

Loading
Missing Authorization vulnerability in ZealousWeb Abandoned Contact Form 7 allows Exploiting... High Unreviewed
CVE-2025-52817 was published Jun 27, 2025
Missing Authorization vulnerability in Dejan Jasnic Trusty Whistleblowing allows Exploiting... High Unreviewed
CVE-2025-52818 was published Jun 27, 2025
Missing Authorization vulnerability in MDJM Mobile DJ Manager allows Exploiting Incorrectly... High Unreviewed
CVE-2025-52824 was published Jun 27, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and... High Unreviewed
CVE-2025-5121 was published Jun 20, 2025
Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts allows... High Unreviewed
CVE-2025-52802 was published Jun 20, 2025
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... High Unreviewed
CVE-2025-5282 was published Jun 13, 2025
Files in the source code contain login credentials for the admin user and the property... High Unreviewed
CVE-2025-49182 was published Jun 12, 2025
Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to... High Unreviewed
CVE-2025-49181 was published Jun 12, 2025
SunGrow's back end users system iSolarCloud https://isolarcloud.com  uses an MQTT service to... High Unreviewed
CVE-2025-29756 was published Jun 11, 2025
SAP GRC allows a non-administrative user to access and initiate transaction which could allow... High Unreviewed
CVE-2025-42982 was published Jun 10, 2025
SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to drop arbitrary... High Unreviewed
CVE-2025-42983 was published Jun 10, 2025
Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing... High Unreviewed
CVE-2025-49265 was published Jun 9, 2025
Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce allows... High Unreviewed
CVE-2025-47463 was published Jun 9, 2025
Missing Authorization vulnerability in Icegram Icegram Collect – Easy Form, Lead Collection and... High Unreviewed
CVE-2025-47527 was published Jun 9, 2025
Missing Authorization vulnerability in looks_awesome Team Builder allows Exploiting Incorrectly... High Unreviewed
CVE-2025-32308 was published Jun 9, 2025
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability... High Unreviewed
CVE-2025-5894 was published Jun 9, 2025
Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation... High Unreviewed
CVE-2025-47601 was published Jun 7, 2025
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through... High Unreviewed
CVE-2025-48784 was published Jun 6, 2025
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of... High Unreviewed
CVE-2025-5018 was published Jun 6, 2025
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5117 was published May 27, 2025
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to... High Unreviewed
CVE-2025-40667 was published May 26, 2025
Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows... High Unreviewed
CVE-2025-47690 was published May 23, 2025
Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not... High Unreviewed
CVE-2025-47558 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Builder allows Reflected XSS. This issue... High Unreviewed
CVE-2025-46488 was published May 23, 2025
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting... High Unreviewed
CVE-2025-39536 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database