Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

269,083 advisories

Loading
Below has Incorrect Permission Assignment for Critical Resource High
CVE-2025-27591 was published for below (Rust) Mar 11, 2025
mgerstner
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from... Unknown Unreviewed
CVE-2024-58087 was published Mar 12, 2025
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin... Moderate Unreviewed
CVE-2024-13838 was published Mar 12, 2025
The Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin for WordPress is... Moderate Unreviewed
CVE-2024-12589 was published Mar 12, 2025
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13430 was published Mar 12, 2025
Karmada PULL Mode Cluster Privilege Escalation High
CVE-2024-56513 was published for github.com/karmada-io/karmada (Go) Jan 3, 2025
zhzhuang-zju RainbowMango
SHIRO-BAKO suidpit TheZ3ro
The Simple Amazon Affiliate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2025-2077 was published Mar 12, 2025
The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-1508 was published Mar 12, 2025
The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-2078 was published Mar 12, 2025
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi... Low Unreviewed
CVE-2025-24912 was published Mar 12, 2025
The binlayerpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-2076 was published Mar 12, 2025
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is... Moderate Unreviewed
CVE-2024-13498 was published Mar 12, 2025
The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD... Moderate Unreviewed
CVE-2025-2205 was published Mar 12, 2025
Babel has inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups Moderate
CVE-2025-27789 was published for @babel/helpers (npm) Mar 11, 2025
mmmsssttt404 JLHwung
nicolo-ribaudo
A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-2220 was published Mar 12, 2025
A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical.... Moderate Unreviewed
CVE-2025-2218 was published Mar 12, 2025
A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This... Moderate Unreviewed
CVE-2025-2219 was published Mar 12, 2025
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content Moderate
CVE-2025-27602 was published for Umbraco.Cms.Web.Backoffice (NuGet) Mar 11, 2025
hazemeldoc
In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix... Moderate Unreviewed
CVE-2022-49683 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm... Moderate Unreviewed
CVE-2022-49678 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: memory: samsung: exynos5422... Moderate Unreviewed
CVE-2022-49676 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xx_udc:... Moderate Unreviewed
CVE-2022-49712 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL... Moderate Unreviewed
CVE-2022-49692 was published Mar 12, 2025
The Review Schema plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed
CVE-2025-1707 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount... Moderate Unreviewed
CVE-2022-49652 was published Mar 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database