Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

121,922 advisories

Loading
LibreNMS Ports Stored Cross-site Scripting vulnerability Moderate
CVE-2025-23199 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
LibreNMS Display Name Stored Cross-site Scripting vulnerability Moderate
CVE-2025-23198 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
CVE-2024-5138: snapd snapctl auth bypass Moderate
CVE-2024-5138 was published for github.com/snapcore/snapd (Go) Jan 16, 2025
rmcnamara-snyk
LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability Moderate
CVE-2024-56144 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
Vulnerability in the PMB platform that allows an attacker to persist temporary files on the... Moderate Unreviewed
CVE-2025-0473 was published Jan 16, 2025
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is... Moderate Unreviewed
CVE-2024-13355 was published Jan 16, 2025
The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to... Moderate Unreviewed
CVE-2024-12427 was published Jan 16, 2025
The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix... Moderate Unreviewed
CVE-2024-12615 was published Jan 16, 2025
The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-13387 was published Jan 16, 2025
In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be... Moderate Unreviewed
CVE-2024-12226 was published Jan 16, 2025
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-48885 was published Jan 16, 2025
The WP User Profile Avatar plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-10789 was published Jan 16, 2025
The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-11452 was published Jan 16, 2025
The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10970 was published Jan 16, 2025
The DWT - Directory & Listing WordPress Theme is vulnerable to Reflected Cross-Site Scripting in... Moderate Unreviewed
CVE-2025-0170 was published Jan 16, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment... Moderate Unreviewed
CVE-2025-0476 was published Jan 16, 2025
A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows... Moderate Unreviewed
CVE-2024-41453 was published Jan 16, 2025
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed
CVE-2025-0215 was published Jan 16, 2025
A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This... Moderate Unreviewed
CVE-2025-0489 was published Jan 16, 2025
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0.... Moderate Unreviewed
CVE-2025-0491 was published Jan 16, 2025
A vulnerability, which was classified as critical, has been found in Fanli2012 native-php-cms 1.0... Moderate Unreviewed
CVE-2025-0490 was published Jan 16, 2025
parse-uri Regular expression Denial of Service (ReDoS) Moderate
CVE-2024-36751 was published for parse-uri (npm) Jan 16, 2025
A vulnerability classified as critical has been found in Fanli2012 native-php-cms 1.0. This... Moderate Unreviewed
CVE-2025-0488 was published Jan 15, 2025
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2025-0487 was published Jan 15, 2025
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been declared as critical.... Moderate Unreviewed
CVE-2025-0486 was published Jan 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database