GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,688
Erlang: 34
GitHub Actions: 26
Go: 2,274
Maven: 5,000+
npm: 3,930
NuGet: 706
pip: 3,696
Pub: 12
RubyGems: 919
Rust: 955
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

11,907 advisories

The EasyEvent WordPress plugin through 1.0.0 does not sanitise and escape some of its settings,...
Low | Unreviewed | CVE-2024-3628 was published May 7, 2024

Apache Commons Configuration Uncontrolled Resource Consumption
Low | CVE-2025-46392 was published for commons-configuration:commons-configuration (Maven) May 9, 2025

trailer mishandles allocating with a size of zero
Low | CVE-2025-47737 was published for trailer (Rust) May 9, 2025

libsql-sqlite3-parser crash due to invalid UTF-8 input
Low | CVE-2025-47736 was published for libsql-sqlite3-parser (Rust) May 9, 2025

AWS secrets displayed without masking by Jenkins S3 Explorer Plugin
Low | CVE-2022-43426 was published for io.jenkins.plugins:s3explorer (Maven) Oct 19, 2022

OpenStack Ironic fails to restrict paths used for file:// image URLs
Low | CVE-2025-44021 was published for ironic (pip) May 8, 2025

Trix vulnerable to Cross-site Scripting on copy & paste
Low | CVE-2025-46812 was published for trix (npm) May 8, 2025

The Button Generator WordPress plugin before 3.0 does not have CSRF check in place when bulk...
Low | Unreviewed | CVE-2024-3471 was published May 2, 2024

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat,...
Low | Unreviewed | CVE-2024-2972 was published Apr 24, 2024

The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.8.9 does not...
Low | Unreviewed | CVE-2024-2118 was published Apr 17, 2024

The Form Maker by 10Web WordPress plugin before 1.15.31 does not sanitise and escape some of its...
Low | Unreviewed | CVE-2024-10562 was published Jan 7, 2025

HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving...
Low | Unreviewed | CVE-2023-50347 was published Apr 10, 2024

Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Redirection to Untrusted Site...
Low | Unreviewed | CVE-2025-4132 was published May 8, 2025

The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM...
Low | Unreviewed | CVE-2025-47729 was published May 8, 2025

The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of...
Low | Unreviewed | CVE-2024-13381 was published May 1, 2025

Free5gc v3.2.1 is vulnerable to Information disclosure.
Low | Unreviewed | CVE-2022-38870 was published Oct 25, 2022

Xuxueli xxl-job template injection vulnerability
Low | CVE-2024-3366 was published for com.xuxueli:xxl-job-core (Maven) Apr 6, 2024

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,...
Low | Unreviewed | CVE-2025-3502 was published May 1, 2025

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,...
Low | Unreviewed | CVE-2025-3504 was published May 1, 2025

The Ajax Search Lite WordPress plugin before 4.12.5 does not sanitise and escape some of its...
Low | Unreviewed | CVE-2024-13585 was published Feb 21, 2025

The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings,...
Low | Unreviewed | CVE-2025-3583 was published May 5, 2025

The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.7.4 does not sanitise and...
Low | Unreviewed | CVE-2024-13314 was published Feb 21, 2025

scanner has a Public API without sufficient bounds checking
Low | GHSA-79m9-55jc-p6mw was published for scanner (Rust) May 7, 2025

Use of implicit intent for sensitive communication in translation in Samsung Notes prior to...
Low | Unreviewed | CVE-2025-20977 was published May 7, 2025

ProTip! Advisories are also available from the GraphQL API.