Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

741 advisories

Loading
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege... High Unreviewed
CVE-2025-1667 was published Mar 15, 2025
The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed
CVE-2024-13407 was published Mar 14, 2025
The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in... Critical Unreviewed
CVE-2024-11284 was published Mar 14, 2025
The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in... Critical Unreviewed
CVE-2024-11285 was published Mar 14, 2025
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access... High Unreviewed
CVE-2025-2271 was published Mar 13, 2025
The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2024-13887 was published Mar 13, 2025
Authorization Bypass Through User-Controlled Key vulnerability in shanebp BP Email Assign... Moderate Unreviewed
CVE-2025-28874 was published Mar 11, 2025
The Manage Bank Statements in SAP S/4HANA does not perform required access control checks for an... Moderate Unreviewed
CVE-2025-27436 was published Mar 11, 2025
The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain... Moderate Unreviewed
CVE-2025-27433 was published Mar 11, 2025
SAP Fiori applications using the posting library fail to properly configure security settings... Moderate Unreviewed
CVE-2025-26660 was published Mar 11, 2025
The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for... Moderate Unreviewed
CVE-2024-12114 was published Mar 8, 2025
ServiceNow has addressed an authorization bypass vulnerability that was identified in the... High Unreviewed
CVE-2025-0337 was published Mar 6, 2025
IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations Critical
CVE-2025-27507 was published for github.com/zitadel/zitadel (Go) Mar 4, 2025
amit-laish livio-a
fforootd adlerhurst
Security Update for the OPC UA .NET Standard Stack Moderate
CVE-2024-42512 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Mar 3, 2025
TomTervoort
Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows... Moderate Unreviewed
CVE-2024-8261 was published Mar 3, 2025
A vulnerability in GitLab-EE affecting all versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8... Moderate Unreviewed
CVE-2024-10925 was published Mar 3, 2025
An Insecure Direct Object References (IDOR) in the component /getStudemtAllDetailsById?studentId... Moderate Unreviewed
CVE-2025-25952 was published Mar 3, 2025
The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-13832 was published Feb 28, 2025
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct... Critical Unreviewed
CVE-2024-50689 was published Feb 26, 2025
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct... Critical Unreviewed
CVE-2024-50686 was published Feb 26, 2025
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct... Critical Unreviewed
CVE-2024-50687 was published Feb 26, 2025
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct... Critical Unreviewed
CVE-2024-50693 was published Feb 26, 2025
SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct... Critical Unreviewed
CVE-2024-50685 was published Feb 26, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird allows... Low Unreviewed
CVE-2025-26977 was published Feb 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in ameliabooking Amelia allows... Moderate Unreviewed
CVE-2025-26965 was published Feb 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database