Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9,076 advisories

Loading
The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-13525 was published Feb 15, 2025
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet... Moderate Unreviewed
CVE-2024-13641 was published Feb 14, 2025
An attacker may modify the URL to discover sensitive information about the target network. High Unreviewed
CVE-2025-25281 was published Feb 14, 2025
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13606 was published Feb 13, 2025
An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote... High Unreviewed
CVE-2024-51123 was published Feb 13, 2025
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Critical
GHSA-vjh7-7g9h-fjfh was published for elliptic (npm) Feb 12, 2025
ChALkeR
HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user... Low Unreviewed
CVE-2024-23563 was published Feb 12, 2025
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress... High Unreviewed
CVE-2024-13600 was published Feb 12, 2025
An issue in AnkiDroid Android Application v2.17.6 allows attackers to retrieve internal files... Moderate Unreviewed
CVE-2024-44336 was published Feb 12, 2025
GeoNetwork search end-point information disclosure in response headers Moderate
CVE-2024-32037 was published for org.geonetwork-opensource:gn-services (Maven) Feb 11, 2025
josegar74 jodygarnett
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... Moderate Unreviewed
CVE-2025-24408 was published Feb 11, 2025
An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0... Low Unreviewed
CVE-2024-52966 was published Feb 11, 2025
In affected versions of Octopus Server the preview import feature could be leveraged to identify... Low Unreviewed
CVE-2025-0525 was published Feb 11, 2025
A sensitive information disclosure vulnerability in the Tenda W18E V16.01.0.8(1625) web... High Unreviewed
CVE-2024-46437 was published Feb 10, 2025
A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this... Moderate Unreviewed
CVE-2025-1115 was published Feb 8, 2025
SQL injection in JeecgBoot High
CVE-2024-57606 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Feb 8, 2025
An issue in Brainasoft Braina v2.8 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2024-55272 was published Feb 8, 2025
Connect-CMS information that is restricted to viewing is visible High
GHSA-2237-5r9w-vm8j was published for opensource-workshop/connect-cms (Composer) Feb 7, 2025
A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path... Moderate Unreviewed
CVE-2024-54909 was published Feb 7, 2025
An information disclosure vulnerability exists in the Vault API functionality of ClearML... High Unreviewed
CVE-2024-43779 was published Feb 6, 2025
Permission verification vulnerability in the media library module Impact: Successful exploitation... Moderate Unreviewed
CVE-2024-57954 was published Feb 6, 2025
Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57955 was published Feb 6, 2025
A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and... Moderate Unreviewed
CVE-2025-20207 was published Feb 5, 2025
The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for... Moderate Unreviewed
CVE-2024-13829 was published Feb 5, 2025
Grafana Alerting VictorOps integration could be exposed to users with Viewer permission Moderate
CVE-2024-11741 was published for github.com/grafana/grafana (Go) Jan 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database