Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95,183 advisories

Loading
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to... High Unreviewed
CVE-2024-10574 was published Jan 26, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-10628 was published Jan 26, 2025
xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. High Unreviewed
CVE-2022-49043 was published Jan 26, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10633 was published Jan 26, 2025
Local privilege escalation due to incorrect assignment of privileges of temporary files in the... High Unreviewed
CVE-2025-0542 was published Jan 25, 2025
Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to... High Unreviewed
CVE-2025-0543 was published Jan 25, 2025
IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length... High Unreviewed
CVE-2024-39750 was published Jan 25, 2025
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... High Unreviewed
CVE-2024-13562 was published Jan 25, 2025
The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-12600 was published Jan 25, 2025
The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed
CVE-2025-0682 was published Jan 25, 2025
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass... High Unreviewed
CVE-2025-0411 was published Jan 25, 2025
A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as... High Unreviewed
CVE-2025-0707 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24728 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator allows Stored XSS.... High Unreviewed
CVE-2025-24756 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologies LLC MachForm Shortcode... High Unreviewed
CVE-2025-24636 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24659 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24663 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24672 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24669 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24683 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows... High Unreviewed
CVE-2025-24555 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24570 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS.... High Unreviewed
CVE-2025-24562 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24587 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsTap allows Stored XSS. This... High Unreviewed
CVE-2025-24561 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database