GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 22
Go: 2,095
Maven: 5,000+
npm: 3,762
NuGet: 678
pip: 3,447
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+

263,730 advisories

A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an...
Severity: Moderate | Unreviewed | CVE-2025-0696 was published Jan 27, 2025

An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions...
Severity: Moderate | Unreviewed | CVE-2025-0695 was published Jan 27, 2025

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access...
Severity: Moderate | Unreviewed | CVE-2024-55931 was published Jan 27, 2025

uniapi version 1.0.7 contained an information harvesting script.
Severity: High | GHSA-gvvw-rr8m-fj76 was published for uniapi (pip) Jan 27, 2025

Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Severity: Moderate | CVE-2025-24361 was published for @nuxt/rspack-builder (npm) Jan 27, 2025

Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Severity: Moderate | CVE-2025-24360 was published for @nuxt/vite-builder (npm) Jan 27, 2025

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are...
Severity: Unknown | Unreviewed | CVE-2024-52012 was published Jan 27, 2025

Core creation allows users to replace "trusted" configset files with arbitrary configuration ...
Severity: Unknown | Unreviewed | CVE-2025-24814 was published Jan 27, 2025

The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places,...
Severity: Unknown | Unreviewed | CVE-2024-13057 was published Jan 27, 2025

An improper privilege management vulnerability in OTRS Generic Interface module allows change of...
Severity: Low | Unreviewed | CVE-2024-43446 was published Jan 27, 2025

The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before...
Severity: Unknown | Unreviewed | CVE-2024-12773 was published Jan 27, 2025

The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF checks in some places,...
Severity: Unknown | Unreviewed | CVE-2024-12436 was published Jan 27, 2025

Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)...
Severity: Moderate | Unreviewed | CVE-2025-24389 was published Jan 27, 2025

The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter...
Severity: Unknown | Unreviewed | CVE-2024-13056 was published Jan 27, 2025

The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to...
Severity: Unknown | Unreviewed | CVE-2024-13117 was published Jan 27, 2025

The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before...
Severity: Unknown | Unreviewed | CVE-2024-12321 was published Jan 27, 2025

A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking...
Severity: Moderate | Unreviewed | CVE-2025-24390 was published Jan 27, 2025

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings...
Severity: Unknown | Unreviewed | CVE-2024-13116 was published Jan 27, 2025

The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and...
Severity: Unknown | Unreviewed | CVE-2024-13052 was published Jan 27, 2025

A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response...
Severity: Moderate | Unreviewed | CVE-2024-43445 was published Jan 27, 2025

The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which...
Severity: Unknown | Unreviewed | CVE-2024-12774 was published Jan 27, 2025

The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter...
Severity: Unknown | Unreviewed | CVE-2024-13094 was published Jan 27, 2025

The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitize and escape a parameter...
Severity: Unknown | Unreviewed | CVE-2024-13095 was published Jan 27, 2025

The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter...
Severity: Unknown | Unreviewed | CVE-2024-13055 was published Jan 27, 2025

The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF check in place when...
Severity: Unknown | Unreviewed | CVE-2024-12280 was published Jan 27, 2025

ProTip! Advisories are also available from the GraphQL API