GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
281 advisories
The CRM Memberships plugin for WordPress is vulnerable to privilege escalation via password reset...
Critical
Unreviewed
CVE-2025-13313 was published Dec 5, 2025
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification...
Critical
Unreviewed
CVE-2025-13342 was published Dec 3, 2025
Mautic user without privileged access to the Marketplace can install and uninstall composer packages
Critical
CVE-2025-13828 was published for mautic/core (Composer) Dec 2, 2025
An issue was discovered in classroomio 0.1.13. Student accounts are able to delete courses from...
Critical
Unreviewed
CVE-2025-65669 was published Nov 26, 2025
Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier...
Critical
Unreviewed
CVE-2025-53214 was published Nov 6, 2025
Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows...
Critical
Unreviewed
CVE-2025-62944 was published Oct 27, 2025
Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker...
Critical
Unreviewed
CVE-2025-62906 was published Oct 27, 2025
Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter...
Critical
Unreviewed
CVE-2025-53424 was published Oct 22, 2025
Missing Authorization vulnerability in themeshopy TS Demo Importer ts-demo-importer allows...
Critical
Unreviewed
CVE-2025-62919 was published Oct 27, 2025
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart...
Critical
Unreviewed
CVE-2025-62892 was published Oct 27, 2025
Missing Authorization vulnerability in gerritvanaaken Podlove Web Player podlove-web-player...
Critical
Unreviewed
CVE-2025-62908 was published Oct 27, 2025
Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview...
Critical
Unreviewed
CVE-2025-52738 was published Oct 22, 2025
Nagios XI versions prior to 2024R1 contain a missing access control vulnerability via the Web SSH...
Critical
Unreviewed
CVE-2023-7317 was published Oct 31, 2025
The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a...
Critical
Unreviewed
CVE-2025-12158 was published Nov 4, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in...
Critical
Unreviewed
CVE-2025-24249 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura...
Critical
Unreviewed
CVE-2025-24259 was published Apr 1, 2025
This issue was addressed by adding a delay between verification code attempts. This issue is...
Critical
Unreviewed
CVE-2025-24245 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4,...
Critical
Unreviewed
CVE-2025-31182 was published Apr 1, 2025
An access issue was addressed with additional sandbox restrictions on the system pasteboards....
Critical
Unreviewed
CVE-2025-30461 was published Apr 1, 2025
An authentication issue was addressed with improved state management. This issue is fixed in...
Critical
Unreviewed
CVE-2025-31194 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma...
Critical
Unreviewed
CVE-2025-30448 was published May 13, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical
Unreviewed
CVE-2025-24181 was published Apr 1, 2025
The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for...
Critical
Unreviewed
CVE-2025-11833 was published Nov 1, 2025
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in...
Critical
Unreviewed
CVE-2025-64348 was published Oct 31, 2025
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release...
Critical
Unreviewed
CVE-2025-6205 was published Aug 4, 2025