Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,880 advisories

Loading
The Click Mag - Viral WordPress News Magazine/Blog Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13656 was published Feb 12, 2025
The ConvertPlus plugin for WordPress is vulnerable to unauthorized modification of data that can... High Unreviewed
CVE-2024-13800 was published Feb 12, 2025
The WPSyncSheets Lite For WPForms – WPForms Google Spreadsheet Addon plugin for WordPress is... Moderate Unreviewed
CVE-2024-12164 was published Feb 12, 2025
The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13653 was published Feb 12, 2025
The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13654 was published Feb 12, 2025
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13554 was published Feb 12, 2025
The aDirectory – WordPress Directory Listing Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13541 was published Feb 12, 2025
The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13643 was published Feb 11, 2025
Due to a missing authorization check, an attacker who is logged in to application can view/... Moderate Unreviewed
CVE-2025-25241 was published Feb 11, 2025
Due to missing authorization check, an authenticated attacker could call a remote-enabled... Moderate Unreviewed
CVE-2025-23190 was published Feb 11, 2025
Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an... Moderate Unreviewed
CVE-2025-23189 was published Feb 11, 2025
Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an... Moderate Unreviewed
CVE-2025-23187 was published Feb 11, 2025
Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book Authors allows... High Unreviewed
CVE-2025-25167 was published Feb 7, 2025
Missing Authorization vulnerability in Metagauss Event Kikfyre allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-25110 was published Feb 7, 2025
Missing Authorization vulnerability in Melodic Media Slide Banners allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-25120 was published Feb 7, 2025
Missing Authorization vulnerability in DeannaS Embed RSS allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-25081 was published Feb 7, 2025
An issue has been discovered in GitLab EE affecting all versions starting from 15.2 prior to 16.9... Moderate Unreviewed
CVE-2024-1539 was published Feb 5, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to... Moderate Unreviewed
CVE-2024-3976 was published Feb 5, 2025
Missing Authorization vulnerability in FameThemes OnePress allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-22643 was published Feb 4, 2025
Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-22730 was published Feb 4, 2025
Missing Authorization vulnerability in EmbedPress Document Block – Upload & Embed Docs. This... Moderate Unreviewed
CVE-2025-22696 was published Feb 4, 2025
The SocialV - Social Network and Community BuddyPress Theme theme for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13529 was published Feb 4, 2025
Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This... Moderate Unreviewed
CVE-2023-52163 was published Feb 3, 2025
An issue in Geovision GV-ASWeb with version 6.1.0.0 or less allows unauthorized attackers with... Moderate Unreviewed
CVE-2024-56902 was published Feb 3, 2025
Incorrect access control in Geovision GV-ASWeb version 6.1.0.0 or less allows unauthorized... High Unreviewed
CVE-2024-56898 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database