Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,781 advisories

Loading
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers... High Unreviewed
CVE-2025-8322 was published Jul 30, 2025
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2025-6730 was published Jul 29, 2025
The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-7689 was published Jul 29, 2025
The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to... Moderate Unreviewed
CVE-2025-4370 was published Jul 29, 2025
HAX CMS API Lacks Authorization Checks High
CVE-2025-54378 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 25, 2025
lfgberg
The Dataverse Integration plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-7695 was published Jul 25, 2025
The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |... Critical Unreviewed
CVE-2025-6441 was published Jul 25, 2025
The WP Wallcreeper plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-7822 was published Jul 25, 2025
The ONLYOFFICE Docs plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed
CVE-2025-6380 was published Jul 25, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18... Moderate Unreviewed
CVE-2025-1299 was published Jul 25, 2025
The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data due... High Unreviewed
CVE-2025-5835 was published Jul 25, 2025
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data... High Unreviewed
CVE-2023-7306 was published Jul 25, 2025
The Platform theme for WordPress is vulnerable to unauthorized modification of data that can lead... Critical Unreviewed
CVE-2015-10143 was published Jul 25, 2025
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-6190 was published Jul 23, 2025
The Omnishop plugin for WordPress is vulnerable to Unauthenticated Registration Bypass in all... Moderate Unreviewed
CVE-2025-6215 was published Jul 23, 2025
The bSecure plugin for WordPress is vulnerable to Privilege Escalation due to missing... Critical Unreviewed
CVE-2025-6187 was published Jul 22, 2025
Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The... Moderate Unreviewed
CVE-2025-43720 was published Jul 21, 2025
Missing Authorization vulnerability in Drupal File Download allows Forceful Browsing.This issue... High Unreviewed
CVE-2025-7717 was published Jul 21, 2025
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing... Moderate Unreviewed
CVE-2025-6720 was published Jul 19, 2025
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-6721 was published Jul 19, 2025
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate... Critical Unreviewed
CVE-2025-49747 was published Jul 18, 2025
The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is... Moderate Unreviewed
CVE-2025-7772 was published Jul 18, 2025
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2025-6726 was published Jul 18, 2025
The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check... High Unreviewed
CVE-2025-6718 was published Jul 18, 2025
The Listly: Listicles For WordPress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2025-5811 was published Jul 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database