Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,476
Erlang
33
GitHub Actions
24
Go
2,203
Maven
5,000+
npm
3,852
NuGet
696
pip
3,637
Pub
12
RubyGems
911
Rust
913
Swift
38
Unreviewed advisories
All unreviewed
5,000+

105,338 advisories

Loading
The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross... High Unreviewed
CVE-2025-2319 was published Mar 25, 2025
The WP Church Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2024-13690 was published Mar 25, 2025
The aoa-downloadable WordPress plugin through 0.1.0 lacks authorization and authentication for... High Unreviewed
CVE-2024-13618 was published Mar 25, 2025
The Stylish Google Sheet Reader 4.0 WordPress plugin before 4.1 does not sanitise and escape a... High Unreviewed
CVE-2024-13863 was published Mar 25, 2025
SQL Injection can occur in the SirsiDynix Horizon Information Portal (IPAC20) through 3.25_9382;... High Unreviewed
CVE-2024-44903 was published Mar 25, 2025
An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL ... High Unreviewed
CVE-2024-10210 was published Mar 25, 2025
The aoa-downloadable WordPress plugin through 0.1.0 doesn't validate a parameter in its download... High Unreviewed
CVE-2024-13617 was published Mar 25, 2025
An Exposure of Sensitive System Information to an Unauthorized Control Sphere and Initialization... High Unreviewed
CVE-2024-8313 was published Mar 25, 2025
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in... High Unreviewed
CVE-2024-10209 was published Mar 25, 2025
A Missing Authentication for Critical Function vulnerability in the GRUB configuration used B&R... High Unreviewed
CVE-2024-45483 was published Mar 25, 2025
An Allocation of Resources Without Limits or Throttling vulnerability in the operating system... High Unreviewed
CVE-2024-45484 was published Mar 25, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-2731 was published Mar 25, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-2732 was published Mar 25, 2025
An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R... High Unreviewed
CVE-2024-45481 was published Mar 25, 2025
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B... High Unreviewed
CVE-2024-45482 was published Mar 25, 2025
A vulnerability, which was classified as critical, was found in H3C Magic NX30 Pro up to V100R007... High Unreviewed
CVE-2025-2727 was published Mar 25, 2025
A vulnerability has been found in H3C Magic NX30 Pro and Magic NX400 up to V100R014 and... High Unreviewed
CVE-2025-2728 was published Mar 25, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-2729 was published Mar 25, 2025
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic... High Unreviewed
CVE-2025-2730 was published Mar 25, 2025
A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400,... High Unreviewed
CVE-2025-2725 was published Mar 25, 2025
A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30... High Unreviewed
CVE-2025-2726 was published Mar 25, 2025
ngress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation High
CVE-2025-1097 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
ingress-nginx controller - configuration injection via unsanitized mirror annotations High
CVE-2025-1098 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
ingress-nginx controller - configuration injection via unsanitized auth-url annotation High
CVE-2025-24514 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
OpenDaylight SFC Denial of Service (DoS) High
CVE-2025-29313 was published for org.opendaylight.sfc:odl-sfc-openflow-renderer (Maven) Mar 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database