GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,719
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,318
Maven 5,601
npm 3,950
NuGet 711
pip 3,730
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,788

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

905 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed

CVE-2025-5117 was published May 27, 2025

Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to... High Unreviewed

CVE-2025-40667 was published May 26, 2025

Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows... High Unreviewed

CVE-2025-47690 was published May 23, 2025

Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not... High Unreviewed

CVE-2025-47558 was published May 23, 2025

Missing Authorization vulnerability in dastan800 Visual Builder allows Reflected XSS. This issue... High Unreviewed

CVE-2025-46488 was published May 23, 2025

Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting... High Unreviewed

CVE-2025-39536 was published May 23, 2025

VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with... High Unreviewed

CVE-2025-41231 was published May 20, 2025

Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting... High Unreviewed

CVE-2025-39352 was published May 19, 2025

Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a... High Unreviewed

CVE-2025-39350 was published May 19, 2025

Missing Authorization vulnerability in Crocoblock JetWooBuilder allows Accessing Functionality... High Unreviewed

CVE-2025-39449 was published May 19, 2025

Missing Authorization vulnerability in Crocoblock JetBlocks For Elementor allows Accessing... High Unreviewed

CVE-2025-39451 was published May 19, 2025

Missing Authorization vulnerability in Crocoblock JetElements For Elementor allows Accessing... High Unreviewed

CVE-2025-39447 was published May 19, 2025

The ThreatSonar Anti-Ransomware from TeamT5 has a Privilege Escalation vulnerability, allowing... High Unreviewed

CVE-2025-4477 was published May 19, 2025

Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without... High Unreviewed

CVE-2024-58101 was published May 14, 2025

Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation.This... High Unreviewed

CVE-2025-4430 was published May 14, 2025

Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the... High Unreviewed

CVE-2025-43011 was published May 13, 2025

Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access... High Unreviewed

CVE-2025-43000 was published May 13, 2025

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege... High Unreviewed

CVE-2025-3876 was published May 10, 2025

A vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software... High Unreviewed

CVE-2025-20164 was published May 7, 2025

The PGS Core plugin for WordPress is vulnerable to unauthorized access, modification, and loss of... High Unreviewed

CVE-2025-0856 was published May 7, 2025

The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a... High Unreviewed

CVE-2025-4179 was published May 2, 2025

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized... High Unreviewed

CVE-2025-3952 was published May 1, 2025

The NewsBlogger theme for WordPress is vulnerable to arbitrary file uploads due to a missing... High Unreviewed

CVE-2025-1304 was published May 1, 2025

The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed

CVE-2025-2816 was published May 1, 2025

Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate... High Unreviewed

CVE-2025-21416 was published Apr 30, 2025

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

905 advisories