GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
6,195 advisories
Filter by severity
The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-13525
was published
Feb 15, 2025
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet...
Moderate
Unreviewed
CVE-2024-13641
was published
Feb 14, 2025
An issue in AnkiDroid Android Application v2.17.6 allows attackers to retrieve internal files...
Moderate
Unreviewed
CVE-2024-44336
was published
Feb 12, 2025
GeoNetwork search end-point information disclosure in response headers
Moderate
CVE-2024-32037
was published
for
org.geonetwork-opensource:gn-services
(Maven)
Feb 11, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are...
Moderate
Unreviewed
CVE-2025-24408
was published
Feb 11, 2025
A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this...
Moderate
Unreviewed
CVE-2025-1115
was published
Feb 8, 2025
A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path...
Moderate
Unreviewed
CVE-2024-54909
was published
Feb 7, 2025
Permission verification vulnerability in the media library module
Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2024-57954
was published
Feb 6, 2025
Arbitrary write vulnerability in the Gallery module
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2024-57955
was published
Feb 6, 2025
A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and...
Moderate
Unreviewed
CVE-2025-20207
was published
Feb 5, 2025
The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for...
Moderate
Unreviewed
CVE-2024-13829
was published
Feb 5, 2025
Grafana Alerting VictorOps integration could be exposed to users with Viewer permission
Moderate
CVE-2024-11741
was published
for
github.com/grafana/grafana
(Go)
Jan 31, 2025
The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-13623
was published
Jan 31, 2025
Argo CD does not scrub secret values from patch errors
Moderate
CVE-2025-23216
was published
for
github.com/argoproj/argo-cd
(Go)
Jan 30, 2025
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource
Moderate
CVE-2025-24784
was published
for
github.com/kubewarden/kubewarden-controller
(Go)
Jan 30, 2025
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-8494
was published
Jan 30, 2025
kube-audit-rest's example logging configuration could disclose secret values in the audit log
Moderate
CVE-2025-24884
was published
for
github.com/RichardoC/kube-audit-rest
(Go)
Jan 29, 2025
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Moderate
CVE-2025-24360
was published
for
@nuxt/vite-builder
(npm)
Jan 27, 2025
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-11090
was published
Jan 26, 2025
HL7 FHIR IG Publisher potentially exposes GitHub repo user and credential information
Moderate
CVE-2025-24363
was published
for
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli
(Maven)
Jan 24, 2025
Cilium has an information leakage via insecure default Hubble UI CORS header
Moderate
CVE-2025-23047
was published
for
github.com/cilium/cilium
(Go)
Jan 22, 2025
Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes
Moderate
CVE-2025-24011
was published
for
Umbraco.Cms
(NuGet)
Jan 21, 2025
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &...
Moderate
Unreviewed
CVE-2025-0318
was published
Jan 18, 2025
The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-12637
was published
Jan 17, 2025
A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an...
Moderate
Unreviewed
CVE-2025-0481
was published
Jan 15, 2025
ProTip!
Advisories are also available from the
GraphQL API