Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

324 advisories

Loading
N/A Critical Unreviewed
CVE-2025-36904 was published Sep 4, 2025
Elevation of Privilege Critical Unreviewed
CVE-2025-36890 was published Sep 4, 2025
N/A Critical Unreviewed
CVE-2025-36896 was published Sep 4, 2025
The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-6758 was published Aug 19, 2025
The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2025-6994 was published Aug 6, 2025
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5954 was published Aug 1, 2025
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43199 was published Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24119 was published Jul 30, 2025
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin... Critical Unreviewed
CVE-2025-7341 was published Jul 15, 2025
The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the... Critical Unreviewed
CVE-2025-6934 was published Jul 1, 2025
The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all... Critical Unreviewed
CVE-2025-4334 was published Jun 26, 2025
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,... Critical Unreviewed
CVE-2025-20282 was published Jun 26, 2025
Gardener allows bypassing project secret validation which can lead to privilege escalation Critical
CVE-2025-47283 was published for github.com/gardener/gardener (Go) May 19, 2025
petersutter rfranzke
donistz timuthy JordanJordanov
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation Critical
CVE-2025-47282 was published for github.com/gardener/external-dns-management (Go) May 19, 2025
petersutter donistz
MartinWeindel JordanJordanov
On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch... Critical Unreviewed
CVE-2025-0505 was published May 8, 2025
An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to... Critical Unreviewed
CVE-2025-25962 was published Apr 29, 2025
org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type Critical
CVE-2025-32974 was published for org.xwiki.platform:xwiki-platform-security-requiredrights-default (Maven) Apr 29, 2025
The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up... Critical Unreviewed
CVE-2025-3278 was published Apr 19, 2025
An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28399 was published Apr 15, 2025
The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed
CVE-2025-2798 was published Apr 4, 2025
The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication... Critical Unreviewed
CVE-2025-2237 was published Apr 1, 2025
An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via... Critical Unreviewed
CVE-2025-22937 was published Mar 31, 2025
The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is... Critical Unreviewed
CVE-2025-2232 was published Mar 14, 2025
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed
CVE-2025-0177 was published Mar 8, 2025
The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and... Critical Unreviewed
CVE-2024-12281 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database