Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,377 advisories

Loading
The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13797 was published Feb 18, 2025
JSONPath Plus allows Remote Code Execution High
CVE-2025-1302 was published for jsonpath-plus (npm) Feb 15, 2025
The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13346 was published Feb 13, 2025
The Avada Builder plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2024-13345 was published Feb 13, 2025
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS... High Unreviewed
CVE-2024-27859 was published Feb 10, 2025
The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions... High Unreviewed
CVE-2024-7419 was published Feb 7, 2025
An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-57609 was published Feb 7, 2025
The The CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run... High Unreviewed
CVE-2024-13487 was published Feb 6, 2025
NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote... High Unreviewed
CVE-2025-25246 was published Feb 5, 2025
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-13472 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to create arbitrary files on affected... High Unreviewed
CVE-2024-23929 was published Jan 31, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23920 was published Jan 31, 2025
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for... High Unreviewed
CVE-2024-11600 was published Jan 30, 2025
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is... High Unreviewed
CVE-2024-13453 was published Jan 30, 2025
A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers... High Unreviewed
CVE-2024-10001 was published Jan 29, 2025
A Local Code Injection Vulnerability exists in the product and version listed above. The... High Unreviewed
CVE-2025-24482 was published Jan 28, 2025
A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS... High Unreviewed
CVE-2025-24159 was published Jan 28, 2025
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in... High Unreviewed
CVE-2024-13499 was published Jan 22, 2025
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in... High Unreviewed
CVE-2024-13495 was published Jan 22, 2025
Craft CMS has a potential RCE with a compromised security key High
CVE-2025-23209 was published for craftcms/cms (Composer) Jan 21, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7... High Unreviewed
CVE-2024-27856 was published Jan 15, 2025
The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a... High Unreviewed
CVE-2024-50954 was published Jan 15, 2025
ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi... High Unreviewed
CVE-2024-42911 was published Jan 15, 2025
An authenticated parameter injection vulnerability exists in the web-based management interface... High Unreviewed
CVE-2025-23051 was published Jan 14, 2025
Windows Search Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21292 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database