Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,180 advisories

Loading
The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed
CVE-2024-13709 was published Jan 25, 2025
The Plethora Plugins Tabs + Accordions plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-13721 was published Jan 25, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21262 was published Jan 25, 2025
A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2025-0709 was published Jan 24, 2025
A vulnerability has been found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0705 was published Jan 24, 2025
A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This... Moderate Unreviewed
CVE-2025-0708 was published Jan 24, 2025
A vulnerability classified as problematic has been found in CampCodes School Management Software... Moderate Unreviewed
CVE-2025-0710 was published Jan 24, 2025
A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d... Moderate Unreviewed
CVE-2025-0706 was published Jan 24, 2025
A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0704 was published Jan 24, 2025
A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0703 was published Jan 24, 2025
Missing Authorization vulnerability in Arshid WooCommerce Quick View allows Exploiting... Moderate Unreviewed
CVE-2025-24705 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24709 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24704 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Popup Box allows Cross Site... Moderate Unreviewed
CVE-2025-24711 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box allows Cross Site... Moderate Unreviewed
CVE-2025-24715 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button... Moderate Unreviewed
CVE-2025-24713 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects allows Cross Site... Moderate Unreviewed
CVE-2025-24716 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24706 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu... Moderate Unreviewed
CVE-2025-24714 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24719 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24722 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24721 was published Jan 24, 2025
Missing Authorization vulnerability in ThimPress Thim Elementor Kit allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-24725 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Sticky Buttons allows Cross Site... Moderate Unreviewed
CVE-2025-24720 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24726 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database