GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,087
Maven: 5,000+
npm: 3,751
NuGet: 674
pip: 3,437
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
112,775 advisories
The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate
Unreviewed
CVE-2024-13536 was published Jan 21, 2025
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13...
Moderate
Unreviewed
CVE-2024-45091 was published Jan 21, 2025
In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or...
Moderate
Unreviewed
CVE-2023-52339 was published Jan 12, 2024
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.25 uses Cross-Origin...
Moderate
Unreviewed
CVE-2024-22348 was published Jan 20, 2025
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.25 uses weaker than...
Moderate
Unreviewed
CVE-2024-22347 was published Jan 20, 2025
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.25 allows web pages to be...
Moderate
Unreviewed
CVE-2024-22349 was published Jan 20, 2025
IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0...
Moderate
Unreviewed
CVE-2024-45647 was published Jan 20, 2025
A vulnerability was found in Shiprocket Module 3 on OpenCart. It has been rated as critical....
Moderate
Unreviewed
CVE-2025-0580 was published Jan 20, 2025
The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated...
Moderate
Unreviewed
CVE-2025-0584 was published Jan 20, 2025
A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0...
Moderate
Unreviewed
CVE-2025-0582 was published Jan 20, 2025
A vulnerability was found in Shiprocket Module 3/4 on OpenCart. It has been declared as critical....
Moderate
Unreviewed
CVE-2025-0579 was published Jan 20, 2025
A vulnerability classified as problematic has been found in CampCodes School Management Software...
Moderate
Unreviewed
CVE-2025-0581 was published Jan 20, 2025
The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing...
Moderate
Unreviewed
CVE-2025-0583 was published Jan 20, 2025
A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as...
Moderate
Unreviewed
CVE-2025-0578 was published Jan 20, 2025
A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic. This issue...
Moderate
Unreviewed
CVE-2025-0576 was published Jan 20, 2025
The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-8722 was published Jan 19, 2025
A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been declared as critical....
Moderate
Unreviewed
CVE-2025-0564 was published Jan 19, 2025
A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is...
Moderate
Unreviewed
CVE-2025-0565 was published Jan 19, 2025
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP...
Moderate
Unreviewed
CVE-2024-45653 was published Jan 19, 2025
IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the...
Moderate
Unreviewed
CVE-2024-45652 was published Jan 19, 2025
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to...
Moderate
Unreviewed
CVE-2024-45654 was published Jan 19, 2025
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This...
Moderate
Unreviewed
CVE-2025-0562 was published Jan 19, 2025
A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2025-0563 was published Jan 19, 2025
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-1058 was published Feb 29, 2024
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-1070 was published Feb 29, 2024
ProTip! Advisories are also available from the GraphQL API.