GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
688 advisories
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to...
CVE-2024-13607 (Moderate, Unreviewed) was published Feb 4, 2025

The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object...
CVE-2024-12046 (Moderate, Unreviewed) was published Feb 4, 2025

Authorization Bypass Through User-Controlled Key vulnerability in NirWp Team Nirweb support. This...
CVE-2025-22695 (Moderate, Unreviewed) was published Feb 3, 2025

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
CVE-2024-13372 (Moderate, Unreviewed) was published Feb 1, 2025

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
CVE-2024-13425 (Moderate, Unreviewed) was published Feb 1, 2025

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
CVE-2024-13429 (Moderate, Unreviewed) was published Feb 1, 2025

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
CVE-2024-13428 (Moderate, Unreviewed) was published Feb 1, 2025

The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
CVE-2024-12102 (Moderate, Unreviewed) was published Jan 30, 2025

The WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features)...
CVE-2024-13694 (High, Unreviewed) was published Jan 30, 2025

The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object...
CVE-2024-13457 (Moderate, Unreviewed) was published Jan 30, 2025

TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc)
CVE-2025-24856 (Moderate) was published for causal/oidc (Composer) Jan 28, 2025

CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow...
CVE-2024-10497 (High, Unreviewed) was published Jan 17, 2025

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals,...
CVE-2024-11146 (Low, Unreviewed) was published Jan 17, 2025

The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in...
CVE-2024-10775 (Moderate, Unreviewed) was published Jan 15, 2025

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a...
CVE-2025-0058 (Moderate, Unreviewed) was published Jan 14, 2025

The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
CVE-2024-11915 (Moderate, Unreviewed) was published Jan 11, 2025

The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to...
CVE-2024-12116 (Moderate, Unreviewed) was published Jan 11, 2025

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access...
CVE-2024-42169 (High, Unreviewed) was published Jan 11, 2025

The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up...
CVE-2024-12472 (Moderate, Unreviewed) was published Jan 11, 2025

The WPBookit plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up...
CVE-2024-10215 (Critical, Unreviewed) was published Jan 9, 2025

Multiple functions are vulnerable to Authorization Bypass in AIMS eCrew. The issue was fixed in...
CVE-2024-44450 (Moderate, Unreviewed) was published Jan 7, 2025

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
CVE-2024-12131 (Moderate, Unreviewed) was published Jan 7, 2025

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
CVE-2024-12132 (Moderate, Unreviewed) was published Jan 3, 2025

The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key...
CVE-2024-13040 (High, Unreviewed) was published Dec 31, 2024

ProTip! Advisories are also available from the GraphQL API