Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,239
Maven
5,000+
npm
3,900
NuGet
701
pip
3,667
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9,442 advisories

Loading
The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2025-3104 was published Apr 16, 2025
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-3698 was published Apr 16, 2025
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). ... High Unreviewed
CVE-2025-30724 was published Apr 15, 2025
Vulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server. ... Moderate Unreviewed
CVE-2025-30702 was published Apr 15, 2025
cashbook v4.0.3 has an arbitrary file read vulnerability in /api/entry/flow/invoice/show?invoice=. Moderate Unreviewed
CVE-2025-27980 was published Apr 15, 2025
The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-2841 was published Apr 12, 2025
The Developer Toolbar plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-2881 was published Apr 12, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia... Moderate Unreviewed
CVE-2025-32080 was published Apr 11, 2025
Vite has an `server.fs.deny` bypass with an invalid `request-target` Moderate
CVE-2025-32395 was published for vite (npm) Apr 11, 2025
do9gy-msec sw0rd1ight
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Low Unreviewed
CVE-2025-32698 was published Apr 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Low Unreviewed
CVE-2025-32700 was published Apr 10, 2025
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface... Moderate Unreviewed
CVE-2025-30654 was published Apr 9, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Information Exposure... Moderate Unreviewed
CVE-2025-30291 was published Apr 8, 2025
Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an... High Unreviewed
CVE-2025-29805 was published Apr 8, 2025
Exposure of sensitive information to an unauthorized actor in Windows Power Dependency... Moderate Unreviewed
CVE-2025-27736 was published Apr 8, 2025
Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access... Moderate Unreviewed
CVE-2025-26667 was published Apr 8, 2025
The Accept SagePay Payments Using Contact Form 7 plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-2883 was published Apr 8, 2025
The GreenPay(tm) by Green.Money plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2025-2882 was published Apr 8, 2025
The Melhor Envio plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-13820 was published Apr 8, 2025
A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104... Moderate Unreviewed
CVE-2025-3403 was published Apr 8, 2025
The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for... High Unreviewed
CVE-2024-13604 was published Apr 7, 2025
There may be information disclosure during memory re-allocation in TZ Secure OS. Moderate Unreviewed
CVE-2024-43046 was published Apr 7, 2025
File read permission bypass vulnerability in the kernel file system module Impact: Successful... Moderate Unreviewed
CVE-2025-31171 was published Apr 7, 2025
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-31174 was published Apr 7, 2025
The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11088 was published Apr 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database