Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

98,904 advisories

Loading
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-3404 was published Apr 19, 2025
The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon... High Unreviewed
CVE-2025-3103 was published Apr 19, 2025
The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... High Unreviewed
CVE-2025-3809 was published Apr 19, 2025
The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery... High Unreviewed
CVE-2025-2111 was published Apr 19, 2025
The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker... High Unreviewed
CVE-2024-13926 was published Apr 19, 2025
The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is... High Unreviewed
CVE-2025-2010 was published Apr 19, 2025
When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8... High Unreviewed
CVE-2025-24914 was published Apr 18, 2025
An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to... High Unreviewed
CVE-2025-28059 was published Apr 18, 2025
An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers... High Unreviewed
CVE-2025-28237 was published Apr 18, 2025
An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui... High Unreviewed
CVE-2025-28235 was published Apr 18, 2025
A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue... High Unreviewed
CVE-2025-3786 was published Apr 18, 2025
A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This... High Unreviewed
CVE-2025-3785 was published Apr 18, 2025
Path Traversal: '.../...//' vulnerability in ThimPress Ivy School allows PHP Local File Inclusion... High Unreviewed
CVE-2025-39470 was published Apr 18, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-39469 was published Apr 18, 2025
A Stored cross-site scripting (XSS) vulnerability in upnp page of the web Interface in TP-Link... High Unreviewed
CVE-2025-25427 was published Apr 18, 2025
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU... High Unreviewed
CVE-2025-0467 was published Apr 18, 2025
The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file... High Unreviewed
CVE-2025-3520 was published Apr 18, 2025
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2025-3246 was published Apr 18, 2025
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2025-3509 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail... High Unreviewed
CVE-2025-29459 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a... High Unreviewed
CVE-2025-29457 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add... High Unreviewed
CVE-2025-29460 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change... High Unreviewed
CVE-2025-29458 was published Apr 18, 2025
An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the ... High Unreviewed
CVE-2025-29461 was published Apr 18, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29451 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database