Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

112,971 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-10539 was published Jan 23, 2025
The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id'... Moderate Unreviewed
CVE-2024-13236 was published Jan 23, 2025
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12118 was published Jan 23, 2025
Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an... Moderate Unreviewed
CVE-2025-0635 was published Jan 23, 2025
The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress... Moderate Unreviewed
CVE-2024-12504 was published Jan 23, 2025
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-13340 was published Jan 23, 2025
The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed
CVE-2024-13389 was published Jan 23, 2025
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 allows a highly... Moderate Unreviewed
CVE-2025-0648 was published Jan 23, 2025
The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13422 was published Jan 23, 2025
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly... Moderate Unreviewed
CVE-2025-0619 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-43708 was published Jan 23, 2025
The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Post Slider and... Moderate Unreviewed
CVE-2024-12043 was published Jan 23, 2025
The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2,... Moderate Unreviewed
CVE-2024-13511 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-52972 was published Jan 23, 2025
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered... Moderate Unreviewed
CVE-2025-24529 was published Jan 23, 2025
A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed
CVE-2024-43710 was published Jan 23, 2025
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered... Moderate Unreviewed
CVE-2025-24530 was published Jan 23, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site... Moderate Unreviewed
CVE-2023-32340 was published Jan 23, 2025
BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application... Moderate Unreviewed
CVE-2024-42187 was published Jan 23, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross... Moderate Unreviewed
CVE-2023-50309 was published Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-57723 was published Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-57724 was published Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-57721 was published Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend. Moderate Unreviewed
CVE-2024-57720 was published Jan 23, 2025
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-57719 was published Jan 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database