GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
253,100 advisories
The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code...
High | Unreviewed | CVE-2025-3776 was published Apr 24, 2025

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover...
Critical | Unreviewed | CVE-2025-3603 was published Apr 24, 2025

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network...
Moderate | Unreviewed | CVE-2025-32730 was published Apr 24, 2025

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE...
Moderate | Unreviewed | CVE-2025-0639 was published Apr 24, 2025

An issue has been discovered in access controls could allow users to view certain restricted...
Moderate | Unreviewed | CVE-2024-12244 was published Apr 24, 2025

The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege...
High | Unreviewed | CVE-2025-3761 was published Apr 24, 2025

The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-3435 was published Apr 24, 2025

The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its...
Moderate | Unreviewed | CVE-2025-1453 was published Apr 24, 2025

The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to...
High | Unreviewed | CVE-2025-2558 was published Apr 24, 2025

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user...
High | Unreviewed | CVE-2025-1976 was published Apr 24, 2025

Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.
Moderate | Unreviewed | CVE-2025-46419 was published Apr 24, 2025

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates...
High | Unreviewed | CVE-2025-27580 was published Apr 24, 2025

IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow...
Moderate | Unreviewed | CVE-2024-22351 was published Apr 24, 2025

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users...
Moderate | Unreviewed | CVE-2025-27581 was published Apr 24, 2025

IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a...
Moderate | Unreviewed | CVE-2025-25045 was published Apr 24, 2025

IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information...
Low | Unreviewed | CVE-2025-25046 was published Apr 24, 2025

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local...
High | Unreviewed | CVE-2025-46399 was published Apr 23, 2025
ProTip! Advisories are also available from the GraphQL API.