Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,080 advisories

Loading
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5117 was published May 27, 2025
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-4683 was published May 27, 2025
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to... High Unreviewed
CVE-2025-40667 was published May 26, 2025
Missing Authorization vulnerability in Leadinfo Leadinfo allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-48271 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Header allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-48275 was published May 23, 2025
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Path Traversal. This... Moderate Unreviewed
CVE-2025-47619 was published May 23, 2025
Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows... High Unreviewed
CVE-2025-47690 was published May 23, 2025
Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not... High Unreviewed
CVE-2025-47558 was published May 23, 2025
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting... High Unreviewed
CVE-2025-39536 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Builder allows Reflected XSS. This issue... High Unreviewed
CVE-2025-46488 was published May 23, 2025
Missing Authorization vulnerability in UX Design Experts Experto CTA Widget – Call To... Moderate Unreviewed
CVE-2025-47529 was published May 23, 2025
When pglogical attempts to replicate data, it does not verify it is using a replication... Moderate Unreviewed
CVE-2025-2506 was published May 22, 2025
A information disclosure vulnerability exists in Rocket.chat <v5, <v4.8.2 and <v4.7.5 where the... Moderate Unreviewed
CVE-2022-35247 was published Sep 25, 2022
The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-4105 was published May 21, 2025
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Critical Unreviewed
CVE-2024-6328 was published Jul 12, 2024
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0... Moderate Unreviewed
CVE-2022-3048 was published Sep 27, 2022
Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse... Low Unreviewed
CVE-2025-48009 was published May 21, 2025
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41231 was published May 20, 2025
The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when... Moderate Unreviewed
CVE-2024-5570 was published Jul 9, 2024
Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a... High Unreviewed
CVE-2025-39350 was published May 19, 2025
Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting... High Unreviewed
CVE-2025-39352 was published May 19, 2025
Missing Authorization vulnerability in ChoPlugins Custom PC Builder Lite for WooCommerce allows... Moderate Unreviewed
CVE-2025-43838 was published May 19, 2025
Missing Authorization vulnerability in Crocoblock JetWooBuilder allows Accessing Functionality... High Unreviewed
CVE-2025-39449 was published May 19, 2025
Missing Authorization vulnerability in Crocoblock JetElements For Elementor allows Accessing... High Unreviewed
CVE-2025-39447 was published May 19, 2025
Missing Authorization vulnerability in Crocoblock JetBlocks For Elementor allows Accessing... High Unreviewed
CVE-2025-39451 was published May 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database