Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,792
Erlang
36
GitHub Actions
29
Go
2,377
Maven
5,000+
npm
4,002
NuGet
720
pip
3,802
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9,662 advisories

Loading
The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is... Moderate Unreviewed
CVE-2025-3851 was published May 7, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX... Moderate Unreviewed
CVE-2025-47418 was published May 6, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX... Moderate Unreviewed
CVE-2025-47417 was published May 6, 2025
Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation... Moderate Unreviewed
CVE-2025-46591 was published May 6, 2025
Vulnerability of insufficient information protection in the media library module Impact:... Moderate Unreviewed
CVE-2024-58252 was published May 6, 2025
Keystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fields Low
CVE-2025-46720 was published for @keystone-6/core (npm) May 5, 2025
emmatown dcousens
A vulnerability, which was classified as problematic, was found in Shenzhen Sixun Software Sixun... Moderate Unreviewed
CVE-2025-4281 was published May 5, 2025
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-4271 was published May 5, 2025
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-4270 was published May 5, 2025
The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-4222 was published May 3, 2025
Information Disclosure via Flags override link Moderate
CVE-2025-46332 was published for @vercel/flags (npm) May 2, 2025
The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed
CVE-2025-2880 was published May 2, 2025
APM server logs could contain parts of the document body from a partially failed bulk index... Moderate Unreviewed
CVE-2024-11994 was published May 1, 2025
Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic... Moderate Unreviewed
CVE-2023-46669 was published May 1, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed
CVE-2025-24270 was published Apr 29, 2025
A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-3978 was published Apr 27, 2025
A vulnerability was found in ScriptAndTools eCommerce-website-in-PHP 3.0 and classified as... Moderate Unreviewed
CVE-2025-3975 was published Apr 27, 2025
A vulnerability was found in itwanger paicoding 1.0.3 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2025-3966 was published Apr 27, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. High Unreviewed
CVE-2025-32983 was published Apr 25, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper... High Unreviewed
CVE-2025-32986 was published Apr 25, 2025
Moodle allows unauthenticated REST API user data exposure High
CVE-2025-32044 was published for moodle/moodle (Composer) Apr 25, 2025
Moodle reveals student identities through assignment submissions search on anonymous submissions Moderate
CVE-2025-3628 was published for moodle/moodle (Composer) Apr 25, 2025
The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3923 was published Apr 25, 2025
The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11299 was published Apr 22, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2025-23174 was published Apr 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database