Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,412
Erlang
33
GitHub Actions
22
Go
2,148
Maven
5,000+
npm
3,814
NuGet
689
pip
3,487
Pub
12
RubyGems
901
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

24,708 advisories

Loading
The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing... Critical Unreviewed
CVE-2025-1307 was published Mar 4, 2025
The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions... Critical Unreviewed
CVE-2025-0912 was published Mar 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-27268 was published Mar 3, 2025
Missing Authorization vulnerability in NotFound Residential Address Detection allows Privilege... Critical Unreviewed
CVE-2025-27270 was published Mar 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26988 was published Mar 3, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ark Theme... Critical Unreviewed
CVE-2025-26970 was published Mar 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26535 was published Mar 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-25150 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1872 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1874 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1873 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1870 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1871 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1875 was published Mar 3, 2025
SQL injection vulnerability have been found in 101news affecting version 1.0 through the ... Critical Unreviewed
CVE-2025-1869 was published Mar 3, 2025
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat... Critical Unreviewed
CVE-2025-1866 was published Mar 3, 2025
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in... Critical Unreviewed
CVE-2025-1867 was published Mar 3, 2025
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in... Critical Unreviewed
CVE-2025-1864 was published Mar 3, 2025
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account Critical
CVE-2025-27590 was published for oxidized-web (RubyGems) Mar 3, 2025
The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and... Critical Unreviewed
CVE-2025-1564 was published Mar 1, 2025
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all... Critical Unreviewed
CVE-2025-1671 was published Mar 1, 2025
The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed
CVE-2025-1638 was published Mar 1, 2025
The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation... Critical Unreviewed
CVE-2024-12824 was published Mar 1, 2025
ToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows... Critical Unreviewed
CVE-2025-27554 was published Mar 1, 2025
An Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge... Critical Unreviewed
CVE-2025-23116 was published Mar 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database