GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,053
Composer 4,314
Erlang 31
GitHub Actions 21
Go 2,072
Maven 5,248
npm 3,744
NuGet 674
pip 3,433
Pub 12
RubyGems 892
Rust 880
Swift 37

Unreviewed advisories

All unreviewed 241,015

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,596 advisories

Filter by severity

Sort by

Least recently updated

XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing Critical

CVE-2025-23025 was published for org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui (Maven) Jan 14, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12006 was published Jan 14, 2025

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a... High Unreviewed

CVE-2024-12365 was published Jan 14, 2025

Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server... Moderate Unreviewed

CVE-2025-0067 was published Jan 14, 2025

An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary... Moderate Unreviewed

CVE-2025-0068 was published Jan 14, 2025

Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-22800 was published Jan 13, 2025

The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin... Moderate Unreviewed

CVE-2024-12204 was published Jan 11, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12606 was published Jan 10, 2025

Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13303 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue... Unknown Unreviewed

CVE-2024-13312 was published Jan 9, 2025

Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This... Moderate Unreviewed

CVE-2024-13243 was published Jan 9, 2025

Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting... Moderate Unreviewed

CVE-2025-22561 was published Jan 9, 2025

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-6155 was published Jan 9, 2025

The Bitly's WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2024-12616 was published Jan 9, 2025

The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed

CVE-2024-12542 was published Jan 9, 2025

The Newsletter2Go plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2024-12618 was published Jan 9, 2025

The SKT Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to a... High Unreviewed

CVE-2024-12848 was published Jan 9, 2025

The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-5769 was published Jan 9, 2025

The Responsive FlipBook Plugin Wordpress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-11929 was published Jan 9, 2025

The GS Insever Portfolio plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed

CVE-2024-12249 was published Jan 9, 2025

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5,... Moderate Unreviewed

CVE-2024-12431 was published Jan 8, 2025

The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem &... High Unreviewed

CVE-2024-11423 was published Jan 8, 2025

The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-12712 was published Jan 8, 2025

The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2024-12855 was published Jan 8, 2025

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2024-11270 was published Jan 8, 2025

Previous 1 2 3 4 5 … 143 144 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,596 advisories