GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,359
Erlang: 33
GitHub Actions: 22
Go: 2,126
Maven: 5,000+
npm: 3,787
NuGet: 683
pip: 3,467
Pub: 12
RubyGems: 894
Rust: 892
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114,356 advisories
This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP...
Moderate | Unreviewed | CVE-2025-26524 was published Feb 14, 2025

Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
Moderate | Unreviewed | CVE-2024-13791 was published Feb 14, 2025

The HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce plugin for...
Moderate | Unreviewed | CVE-2024-13735 was published Feb 14, 2025

Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter...
Moderate | Unreviewed | CVE-2025-0821 was published Feb 14, 2025

app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search.
Moderate | Unreviewed | CVE-2024-57969 was published Feb 14, 2025

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access...
Moderate | Unreviewed | CVE-2025-26789 was published Feb 14, 2025

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-9601 was published Feb 14, 2025

DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to...
Moderate | Unreviewed | CVE-2025-26791 was published Feb 14, 2025

Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in...
Moderate | Unreviewed | CVE-2025-23406 was published Feb 14, 2025

The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet...
Moderate | Unreviewed | CVE-2024-13641 was published Feb 14, 2025

The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet...
Moderate | Unreviewed | CVE-2024-13692 was published Feb 14, 2025

CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text....
Moderate | Unreviewed | CVE-2024-10404 was published Feb 14, 2025

With a specially crafted Python script, an attacker could send continuous startMeasurement...
Moderate | Unreviewed | CVE-2025-24836 was published Feb 14, 2025

An attacker could obtain firmware files and reverse engineer their intended use leading to loss...
Moderate | Unreviewed | CVE-2025-23421 was published Feb 14, 2025

ZF Roll Stability Support Plus (RSSPlus) is vulnerable to an authentication bypass vulnerability...
Moderate | Unreviewed | CVE-2024-12054 was published Feb 14, 2025

The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist...
Moderate | Unreviewed | CVE-2025-20615 was published Feb 14, 2025

mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an...
Moderate | Unreviewed | CVE-2025-23411 was published Feb 14, 2025

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A...
Moderate | Unreviewed | CVE-2024-37600 was published Feb 14, 2025

An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A...
Moderate | Unreviewed | CVE-2024-37602 was published Feb 14, 2025

A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and...
Moderate | Unreviewed | CVE-2025-25900 was published Feb 13, 2025

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the...
Moderate | Unreviewed | CVE-2024-12012 was published Feb 13, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-26574 was published Feb 13, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-26561 was published Feb 13, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-26558 was published Feb 13, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-26567 was published Feb 13, 2025

ProTip! Advisories are also available from the GraphQL API