GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,343
Erlang: 31
GitHub Actions: 22
Go: 2,107
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,452
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
264,445 advisories
Spring Framework has Improperly Implemented Security Check for Standard
Critical | CVE-2018-1275 was published for org.springframework:spring-messaging (Maven) | Oct 17, 2018

Spring Framework allows applications to expose STOMP over WebSocket endpoints
Critical | CVE-2018-1270 was published for org.springframework:spring-messaging (Maven) | Oct 17, 2018

PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext
Low | CVE-2025-23215 was published for net.sourceforge.pmd:pmd-core (Maven) | Jan 31, 2025

The Privacy Policy Genius WordPress plugin through 2.0.4 does not sanitise and escape a parameter...
Moderate | Unreviewed | CVE-2024-13219 was published | Jan 31, 2025

The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-13222 was published | Jan 31, 2025

The WordPress Google Map Professional (Map In Your Language) WordPress plugin through 1.0 does...
Moderate | Unreviewed | CVE-2024-13220 was published | Jan 31, 2025

The Fast Tube WordPress plugin through 2.3.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-13218 was published | Jan 31, 2025

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated...
Moderate | Unreviewed | CVE-2023-42248 was published | Jan 14, 2025

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation...
Moderate | Unreviewed | CVE-2025-21644 was published | Jan 19, 2025

The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings,...
Moderate | Unreviewed | CVE-2024-12872 was published | Jan 31, 2025

Software installed and run as a non-privileged user may conduct improper GPU system calls to...
Critical | Unreviewed | CVE-2024-47891 was published | Jan 31, 2025

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Moderate | Unreviewed | CVE-2025-21502 was published | Jan 21, 2025

The OPSI Israel Domestic Shipments WordPress plugin through 2.6.3 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-13100 was published | Jan 31, 2025

The WP MediaTagger WordPress plugin through 4.1.1 does not validate and escape some of its...
Moderate | Unreviewed | CVE-2024-13101 was published | Jan 31, 2025

The Canvasflow for WordPress plugin through 1.5.5 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-12275 was published | Jan 31, 2025

The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-13221 was published | Jan 31, 2025

The Tabulate WordPress plugin through 2.10.3 does not sanitise and escape some parameters before...
Moderate | Unreviewed | CVE-2024-13223 was published | Jan 31, 2025

The WP MediaTagger WordPress plugin through 4.1.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-13112 was published | Jan 31, 2025

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter...
Moderate | Unreviewed | CVE-2024-13226 was published | Jan 31, 2025

This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate | Unreviewed | CVE-2024-23937 was published | Jan 31, 2025

This vulnerability allows network-adjacent attackers to create arbitrary files on affected...
High | Unreviewed | CVE-2024-23929 was published | Jan 31, 2025

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded...
High | Unreviewed | CVE-2024-23928 was published | Jan 31, 2025

This vulnerability allows remote attackers to disclose sensitive information on affected...
High | Unreviewed | CVE-2024-23962 was published | Jan 31, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2024-23963 was published | Jan 31, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2024-23920 was published | Jan 31, 2025
ProTip! Advisories are also available from the GraphQL API