Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,788 advisories

Loading
A low privileged local attacker can interact with the affected service although user-interaction... High Unreviewed
CVE-2025-41698 was published Aug 5, 2025
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release... Critical Unreviewed
CVE-2025-6205 was published Aug 4, 2025
The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) plugin for... Moderate Unreviewed
CVE-2025-8488 was published Aug 2, 2025
The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing... High Unreviewed
CVE-2025-6754 was published Aug 2, 2025
The WP CTA – Call To Action Plugin, Sticky CTA, Sticky Buttons plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-8152 was published Aug 2, 2025
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as... Moderate Unreviewed
CVE-2025-8435 was published Aug 1, 2025
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-8434 was published Aug 1, 2025
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers... High Unreviewed
CVE-2025-8322 was published Jul 30, 2025
The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-7689 was published Jul 29, 2025
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2025-6730 was published Jul 29, 2025
The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to... Moderate Unreviewed
CVE-2025-4370 was published Jul 29, 2025
HAX CMS API Lacks Authorization Checks High
CVE-2025-54378 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 25, 2025
lfgberg
The Dataverse Integration plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-7695 was published Jul 25, 2025
The WP Wallcreeper plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-7822 was published Jul 25, 2025
The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |... Critical Unreviewed
CVE-2025-6441 was published Jul 25, 2025
The ONLYOFFICE Docs plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed
CVE-2025-6380 was published Jul 25, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18... Moderate Unreviewed
CVE-2025-1299 was published Jul 25, 2025
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data... High Unreviewed
CVE-2023-7306 was published Jul 25, 2025
The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data due... High Unreviewed
CVE-2025-5835 was published Jul 25, 2025
The Platform theme for WordPress is vulnerable to unauthorized modification of data that can lead... Critical Unreviewed
CVE-2015-10143 was published Jul 25, 2025
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-6190 was published Jul 23, 2025
The Omnishop plugin for WordPress is vulnerable to Unauthenticated Registration Bypass in all... Moderate Unreviewed
CVE-2025-6215 was published Jul 23, 2025
The bSecure plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed
CVE-2025-6187 was published Jul 22, 2025
Missing Authorization vulnerability in Drupal File Download allows Forceful Browsing.This issue... High Unreviewed
CVE-2025-7717 was published Jul 21, 2025
Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The... Moderate Unreviewed
CVE-2025-43720 was published Jul 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database