Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,120 advisories

Loading
The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed
CVE-2024-12415 was published Jan 31, 2025
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-13472 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to create arbitrary files on affected... High Unreviewed
CVE-2024-23929 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23920 was published Jan 31, 2025
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for... High Unreviewed
CVE-2024-11600 was published Jan 30, 2025
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is... High Unreviewed
CVE-2024-13453 was published Jan 30, 2025
A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers... High Unreviewed
CVE-2024-10001 was published Jan 29, 2025
In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by... Moderate Unreviewed
CVE-2024-40673 was published Jan 28, 2025
A Local Code Injection Vulnerability exists in the product and version listed above. The... High Unreviewed
CVE-2025-24482 was published Jan 28, 2025
A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS... High Unreviewed
CVE-2025-24159 was published Jan 28, 2025
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in... High Unreviewed
CVE-2024-13499 was published Jan 22, 2025
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in... High Unreviewed
CVE-2024-13495 was published Jan 22, 2025
The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is... Critical Unreviewed
CVE-2024-42936 was published Jan 21, 2025
An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject... Moderate Unreviewed
CVE-2024-55504 was published Jan 21, 2025
Craft CMS has a potential RCE with a compromised security key High
CVE-2025-23209 was published for craftcms/cms (Composer) Jan 21, 2025
The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10970 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed
CVE-2025-22912 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName... Critical Unreviewed
CVE-2025-22906 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter... Critical Unreviewed
CVE-2025-22905 was published Jan 16, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7... High Unreviewed
CVE-2024-27856 was published Jan 15, 2025
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH... Critical Unreviewed
CVE-2025-22968 was published Jan 15, 2025
The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a... High Unreviewed
CVE-2024-50954 was published Jan 15, 2025
Mongoose search injection vulnerability Critical
CVE-2025-23061 was published for mongoose (npm) Jan 15, 2025
skrtheboss
ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi... High Unreviewed
CVE-2024-42911 was published Jan 15, 2025
An authenticated parameter injection vulnerability exists in the web-based management interface... High Unreviewed
CVE-2025-23051 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database